Thank you for your interest in our website. The protection of your personal data is very important to us. Below you will find information on how we handle your data that is collected through your use of our website and our app. Your data is processed in accordance with the legal provisions on data protection.
The controller within the meaning of the General Data Protection Regulation (GDPR) is
The Jodel Venture GmbH Wilhelmstraße 118 10963 Berlin
Germany
Email: [email protected]
You can also contact us using the contact functions in the Jodel app.
When contacting us, please provide the user ID of the device you are using. We regularly need this information in order to implement your rights as a data subject..
You can reach the data protection officer at
Proliance GmbH
www.proliance.ai
Data Protection Officer
Leopoldstr. 21
80802 Munich
Email: [email protected]
When contacting the data protection officer, please state the company to which your request relates (The Jodel Venture GmbH) and the user ID of the device you are using. We regularly require the user ID in order to implement your rights as a data subject. Please also refrain from attaching sensitive information, such as a copy of your ID, to your request.
Your data may also be processed in countries outside the European Union (EU) and the European Economic Area (EEA).
For data transfers to certain third countries, an adequacy decision by the EU Commission pursuant to Art. 45 (1) GDPR may exist. Such a decision establishes that an adequate level of data protection exists in the third country. A list of previous adequacy decisions can be found at the following link: Data protection adequacy for non-EU countries.
The scope of an adequacy decision may also be limited to a specific group of recipients or linked to the existence of further conditions.
For example, the adequacy decision for data transfers to the US only applies to companies certified under the EU-US Data Privacy Framework. The certification status of a participating company can be viewed at the following link: Participant Search (dataprivacyframework.gov).
When your data is transferred to recipients in third countries for which no adequacy decision exists, there is a risk that local authorities may access your data for security and surveillance purposes without you being informed or being able to seek legal redress.
To ensure an adequate level of data protection when transferring your data to recipients in such third countries, we therefore ensure that appropriate safeguards within the meaning of Art. 46 GDPR are in place.
Standard data protection clauses of the European Commission pursuant to Art. 46 (2) (c) GDPR are therefore regularly concluded either by us or by the service providers we use. They oblige the recipient of the data in the third country to process it in accordance with the European level of protection. The clauses can be viewed at the following link: Publications on the Standard Contractual Clauses (SCCs) – European Commission. If you require further information on the modules of the standard data protection clauses or supplementary measures concluded by us in individual cases, we will be happy to provide you with a copy. In this case, simply contact us using the contact details listed above under “Controller.”
For certain recipients, data transfers may also be based on binding internal data protection regulations (BCR) approved by the supervisory authorities in accordance with Art. 46 (2) lit. b GDPR. These can be viewed at the following link: Approved Binding Corporate Rules | European Data Protection Board.
If the standard data protection clauses or binding internal data protection regulations are not sufficient to guarantee the level of protection, additional technical, contractual, or organizational measures will be taken to secure the data transfer. In addition, regular reviews and assessments will be carried out to determine whether these additional measures continue to guarantee an adequate level of data protection or whether further supplementary measures need to be taken.
Further information on data transfers to third countries can be found in the relevant cases below in the section on data processing or services used, “Data processing in third countries.”
Artificial intelligence (AI) is an integral part of modern digital platforms and business processes. We use AI technologies both in the operation of our platform and to support internal workflows. In doing so, we take our data protection responsibilities seriously and have thoroughly examined the legal, technical, and organizational requirements associated with the use of AI systems.
Below, we provide transparent information about the various categories of AI systems we use, the associated data processing, and the measures we have taken to protect your personal data.
We distinguish between two categories of AI use:
The following applies in principle to all AI systems we use:
We use general-purpose AI systems or assistants throughout the company. The use of these AI systems and assistants is not limited to specific functions or activities but can span a range of application areas.
Description of Data Processing and Purpose
These systems are typically based on large language models and can be flexibly deployed for a variety of purposes, such as assisting with text creation, responding to internal inquiries, or analyzing content.
In this context, personal data may be processed in so-called “prompts.” A prompt is an input request or instruction that our employees send to the AI system to obtain a specific output. The AI systems process these inputs and generate corresponding outputs, which may also contain personal data. These outputs can in turn be further processed and utilized. However, we would like to emphasize that
Description of data processing and purpose
When using the AI systems, inputs in the form of requests, questions, documents, images, and other content can be entered and generated. These are then processed internally or externally, as needed, provided such processing is permitted within the scope of our business activities. We use the AI system, for example, for:
It cannot be ruled out that inputs may contain personal data or that such data may be included in responses. In principle, all categories of personal data we hold about you may be affected, although the input of sensitive personal data is expressly prohibited.
The use of the processed data by the provider to train the AI model is contractually prohibited.
Legal basis for data processing
Data processing is carried out in accordance with Art. 6(1)(f) GDPR. The purpose of the data processing and our legitimate interest lie in enabling a more efficient way of working and facilitating the performance of certain work tasks within the scope of the aforementioned activities.
Data processing in third countries
In the course of use, data is transferred to providers of AI language model services based in the United States. Depending on the provider, data transfers to the United States are based on an adequacy decision by the European Commission for certified companies or on EU Standard Data Protection Clauses.
Further information and links can be found above in the section “General Information on Data Transfers to Third Countries”.
Retention Period
When we use AI systems, data is transferred to the recipients and stored there for as long as necessary to achieve the stated purposes. In addition, this data is processed in our own systems for as long as necessary to achieve the stated purposes. We then delete your data from our operational systems, unless data processing remains permissible for another purpose specified in this statement and on a corresponding legal basis.
In addition to using AI systems and assistants for general purposes, we employ specific, purpose-built AI features and extensions for certain data processing operations or when using specific services and software solutions.
Such AI features and extensions may, for example, be integrated into the software we use as part of one of the data processing operations described here. In this case, precisely defined tasks are always performed with the help of AI.
The specific AI systems and platform-related functions used in the operation of our platform include, in particular, image processing, automated content recognition and moderation, and behavior-based security analyses.
Image processing and automated content moderation
To protect our users and comply with our Terms of Use, we employ AI-powered image recognition systems that automatically scan image and video content uploaded by users for non-compliant content (e.g., violence, sexual content, hate speech). For text- and image-based moderation, we use AI models that have been adapted and further trained on content from our own platform. Before being used for training, this content is checked for direct identifiers and anonymized or pseudonymized wherever possible.
For image moderation, we also rely on specialized external services. If these systems cannot make a reliable automated decision, the content in question is forwarded to a human moderation team for manual review.
Automated Spam and Abuse Detection
We use AI systems to automatically detect and remove spam and coordinated abuse on our platform, including the detection of commercial spam and off-platform contact solicitation.
AI-Powered Customer Support
We use AI-powered tools to process user inquiries. If AI systems respond to user inquiries or assist in responding, users are informed that they are interacting with an AI system.
Automated Decision-Making
To the extent that AI systems make automated decisions that may have a direct impact on users, they have the right to human review as well as a right to object pursuant to Art. 21 GDPR.
Legal basis for data processing
Data processing is based on Article 6(1)(b) of the GDPR (fulfillment of the user relationship, enforcement of terms of use) and Article 6(1)(f) of the GDPR (legitimate interest in the secure and compliant operation of the platform and the protection of our users from illegal content).
Data Processing in Third Countries
In the course of use, data is transferred to providers of AI language model services based in the United States. Depending on the provider, data transfers to the United States are based on an adequacy decision by the European Commission for certified companies or on EU Standard Data Protection Clauses.
Further information and links can be found above in the section “General Information on Data Transfer to Third Countries”.
Retention Period
When we use AI systems, data is transferred to the recipients and stored there for as long as necessary to achieve the specified purposes. In addition, this data is processed in our own systems for as long as necessary to achieve the specified purposes. We then delete your data from our operational systems, unless data processing remains permissible for another purpose specified in this statement and on a corresponding legal basis.
Description of data processing and purpose
When you visit our website, it is technically necessary for data to be transmitted between your Internet browser and ours for communication purposes. During an ongoing connection for communication between the Internet browser and the web server, the following data is regularly collected:
● IP address of the requesting entity (router or mobile device),
● Date and time of the request,
● Name of the requested file,
● Website from which the file was requested (referrer URL),
● Access status,
● Amount of data transferred,
● Web browser and operating system used,
● Language used.
The listed data is stored in log files and analyzed if necessary.
We process this data in order to ensure a smooth connection between your Internet browser and our website and to guarantee the technically error-free provision of our services, as well as to detect and prevent attacks on our website. The log files are used to evaluate system security and stability and for administrative purposes.
The processing of this data is absolutely necessary in order to make the website available to you.
Legal basis for data processing
The legal basis for the processing of the data is Art. 6 (1) (f) GDPR. Our legitimate interest lies in being able to provide our website in a functional, trouble-free, and secure manner.
Recipients
The data processed in the context of hosting our website is transmitted to the following recipients:
● Raidboxes GmbH, Hafenstraße 32, 48153 Münster, Germany.
In the event of anomalies or attacks, the data may also be passed on in individual cases to:
● Information security consultants and IT forensic experts
● Lawyers,
● Investigative authorities,
● Courts
Storage period
For technical security reasons, in particular to defend against attempts to attack our web server, we store this data for a short period of time. After no more than 7 days, the data is anonymized by shortening the IP address at the domain level so that it is no longer possible to establish a connection to individual users.
In individual cases, the data may be stored for longer in the event of attacks or attempted attacks, insofar as this is necessary for the conclusion of investigations or court proceedings or for the exercise of legal claims.
In anonymized form, the data from the log files may be stored and processed further for statistical purposes.
To provide our website, we use “myrdbx.io,” a service provided by Raidboxes GmbH, Hafenstraße 32, 48153 Münster, Germany.
Description of data processing and purpose
“myrdbx.io” enables us to quickly provide data in order to make our website available in the best possible way. The service is a content delivery network (CDN). The CDN uses proxy servers that enable companies to deliver content such as web videos, graphics, web fonts, large media files, or JavaScript files quickly and securely. To do this, proxy servers store the files locally, thereby improving access speed during download. In practice, this means that companies can offer data-rich content on their websites that users can access without long waiting times.
We use the CDN to make web fonts and graphics available.
In order to make the content of our websites available via the service, your personal data is transmitted to the providers of the service. The data processed includes, in particular:
● IP address of the requesting entity (router or mobile device)
● Date and time of the request
● Name of the requested file
● Website from which the file was requested (referrer URL)
● Access status
● Web browser and operating system used
● Amount of data transferred.
We use the service to make our website available in the best possible way and without long loading times.
Legal basis for data processing
Insofar as we use cookies and similar technologies in connection with the integration of the service, or insofar as data is stored on your device or read from it by the service, this is done without your consent in accordance with any legal exceptions that may exist in your country. Subsequent data processing is carried out on the basis of Art. 6 (1) (f) GDPR. Our legitimate interest lies in improving our website technically and making our website available efficiently.
Recipients
When using the service, the data collected via our websites is transmitted to the following recipients:
● Raidboxes GmbH, Hafenstraße 32, 48153 Münster, Germany. Storage
Through the integration of the content management system, data is transmitted to the above- mentioned recipients and processed there for as long as is necessary to achieve the stated purposes. The data processed by the service and made available to us is not stored in our own systems beyond this.
When you use our website, information (e.g., IP address) may be accessed or stored (e.g., cookies) on your terminal equipment. This access or storage may involve further processing of personal data within the meaning of the GDPR.
In cases where such access to information or storage of information is absolutely necessary for the technically error-free provision of our services, this is done on the basis of a legal exemption that may exist in your country without your consent. Subsequent data processing may be carried out on the basis of Art. 6 (1) (f) GDPR.
In cases where such a process serves other purposes (e.g., the needs-based design of our website), is carried out on the basis of consent as required by law in your country ( ). In this case, follow-up data processing may be carried out on the basis of Art. 6 (1) (a) GDPR.
Consent can be revoked at any time with future effect. The processing of your personal data is subject to the provisions of the GDPR, the German Federal Data Protection Act (BDSG), and any data protection laws applicable in your country.
Further information on the processing of your personal data and the relevant legal basis in this context can be found in the following sections on the specific processing activities on our website.
We use services on this website that use cookies and similar technologies to store data in your device’s browser and to read data that has already been stored. Cookies, your browser’s local storage, pixels, and so-called tags may be used for this purpose.
Cookies are small text files that can be stored and read on your device.
A distinction is made between session cookies, which are deleted as soon as you close your browser, and permanent cookies, which are stored for a certain period of time beyond the individual session.
In addition to cookies, we may use your browser’s session storage or local storage to store and read data.
We may also embed pixels in our websites. Pixels are small, individualized image files that are loaded when the page is built and can be used to track user activity.
Finally, we may use tags (markers) on our websites. Tags are small HTML or JavaScript code fragments or markers that enable website analysis or user tracking services to distinguish or identify users and track certain user activities.
Further information on the cookies and similar technologies we use can be found below in the descriptions of the categories of cookies and in our consent management platform “Cookiebot,” which is displayed when you visit our website. You can give your consent via the platform and also revoke it easily. You can access the platform at any time via the “Cookie Settings” link at the bottom of the website to change your settings.
Please note that without the use of certain cookies and similar technologies, our websites may not display correctly and some functions may no longer be available.
Services in this category may use cookies and similar technologies to store and read information on your device. We use these
● to enable the website to be displayed and to provide its basic functions, in particular page navigation and access to secure areas,
● to enable the submission and revocation of consent,
● to protect our forms from misuse, and
● to protect our website from cyber attacks and fraud attempts.
● In some cases, the cookies and similar technologies used only contain information
about certain settings and are not personally identifiable. We do not use them for the purpose of tracking your interactions, for measurement and statistical evaluation, or for advertising purposes.
The use of the services and corresponding cookies and similar technologies in this category is based on in accordance with any legal exceptions that may exist in your country without consent . Subsequent data processing is based on Art. 6 (1) (f) GDPR.
Services or external content and media from third-party providers in this category may use cookies and similar technologies to store and read information on your device. We use these
● to enable the loading of third-party content and media,
● to make our websites appealing to you and to operate them efficiently, and
● to provide you with certain settings and additional functions on the website.
The use of services and corresponding cookies and similar technologies in this category is based on consent, which may be required by law in your country . Subsequent data processing is based on your consent in accordance with Art. 6 (1) (a) GDPR.
Services in this category may use cookies and similar technologies to store and read information on your device. We use these to
● to count and distinguish you as an individual website visitor and to perform statistical analyses of your interactions and use of our websites,
● to design our websites in line with demand and adapt them to user interactions,
● to test adjustments to the website and measure user response to them (A/B testing),
and
● to monitor the technical functionality of our website and enable troubleshooting.
To this end, individual pseudonymous identifiers (recognition features) consisting of numbers and letters are regularly stored in cookies on your device when you visit our website and are read again when you visit the site again.
The use of pseudonyms enables individual differentiation and recognition of users. However, the natural person behind a pseudonym cannot usually be identified directly, in particular by name, without further additional data.
Other technologies may also be used on a regular basis to read recognition features from your device, such as in the case of so-called browser or device fingerprinting, in which data from the properties of the browser you are using (e.g., type and version of the browser) and its configuration (e.g., preferred language), from the properties of your device (e.g., manufacturer and model of your mobile phone, operating system) or the hardware you use (e.g., screen resolution) to recognize you as a different user pseudonymously.
The use of the services and corresponding cookies and similar technologies in this category is based on consent, which may be required by law in your country. Subsequent data processing is based on your consent in accordance with Art. 6 (1) (a) GDPR.
Services in this category may use cookies and similar technologies to store and read information on your device. We use these to
● to count and distinguish you as an individual website visitor and to perform statistical analyses of your interactions and use of our websites,
● to track your interactions with advertisements placed by us via third-party providers on other websites across different devices and websites (so-called conversion tracking),
● to track and evaluate your interactions with our website and then use this information as the basis for targeted advertising campaigns in advertising networks aimed at you or a specific target group to which you belong (known as retargeting and remarketing),
● to improve the effectiveness of our advertising measures and to control our advertising campaigns.
To this end, individual pseudonymous identifiers (recognition features) consisting of numbers and letters are regularly stored in cookies on your device when you visit another website or our website, and are read again when you visit this or a new website again.
Other technologies may also be used regularly to read recognition features from your device, such as in the case of so-called browser or device fingerprinting ( ), in which data from the properties of the browser you are using (e.g., type and version of the browser) and its configuration (e.g., preferred language) or from the properties of your device (e.g., manufacturer and model of your mobile phone, operating system) or the hardware you use (e.g., screen resolution) to recognize you as a different user pseudonymously.
If necessary, the processed pseudonymous recognition features may also be merged with other data by us or the providers of the services used.
This allows the services we use and their providers to exchange and compare recognition features (IDs) with each other in order to merge the features in the event of a match and assign them to the same pseudonymous user (known as ID matching/ID syncing). This enables cross-device, cross-platform, and cross-advertising network recognition and advertising targeting of website visitors.
If you identify yourself with your clear data such as your name or email address, or enter your own user data on our websites, or log in to social networks or online services from third-party providers who also provide us with corresponding tracking and advertising services, pseudonymous recognition features can also be linked to your clear data or user data.
This allows us or the service providers to create and evaluate comprehensive pseudonymous or non-pseudonymous user profiles, which we can then use to target advertising based on your interests.
The use of the services and corresponding cookies and similar technologies in this category is based on consent, which may be required by law in your country. Subsequent data processing is based on your consent in accordance with Art. 6 (1) (a) GDPR.
On our websites, we use the consent management platform “Cookiebot” from Usercentrics A/S, Havnegade 39, 1058 Copenhagen, Denmark, which helps us manage your consent to the use of cookies and similar technologies.
Description of data processing and purpose
We use the service to manage your consent to the use of cookies and similar technologies and the subsequent data processing.
If you give or refuse consent via our consent banner, the service processes the following data:
● the IP address of the requesting computer,
● the description of the web browser and operating system used,
● the address of the website from which your consent was sent
● the date and time of consent,
● a pseudonymous, random, and encrypted consent key (consent ID).
● Your consent status, which serves as proof of your consent.
This data is logged on the provider’s servers. Your IP address is shortened by removing the last three digits so that it can no longer be traced back to you.
As part of data processing, your consent ID and consent status are stored both in the browser of your end device in the “CookieConsent” cookie and on the provider’s servers in order to read and compare your consent status browser when you visit the page again. The check is performed by comparing the consent key and consent status from the “CookieConsent” cookie with the values transmitted to the provider when you gave your consent, in order to ensure that the status of your original consent has not changed.
This enables us to check your consent status for all subsequent and future visits to our websites and to activate or deactivate cookies and other technologies when you visit the site again, in accordance with your decision.
The purpose of data processing and our legitimate interest lie in centrally controlling cookies and similar technologies integrated into our website, as well as integrated services, and in offering you a simple way to give and revoke your declarations of consent, thereby fulfilling any obligation that may exist in your country to obtain consent for the use of cookies and similar technologies, as well as our accountability obligation pursuant to Art. 5 (2) GDPR with regard to your consent.
Legal basis for data processing
Insofar as we use cookies and similar technologies in connection with the integration of the service, or insofar as data is stored on your end device or read from it by the service, this is done without consent in accordance with any legal exceptions that may exist in your country. Subsequent data processing is based on Art. 6 (1) (f) GDPR.
Our legitimate interest lies in centrally controlling cookies and similar technologies integrated into our website, as well as integrated services, and in offering you a simple way to give and
revoke your declarations of consent, thereby fulfilling any obligation that may exist in your country to obtain consent for the use of cookies and similar technologies, as well as our accountability obligation pursuant to Art. 5 (1) 2 GDPR with regard to your consent.
Recipients
When using the service, the data collected via our websites is transferred to the following recipients:
● Usercentrics A/S, Havnegade 39, 1058 Copenhagen, Denmark.
Storage period
By integrating the services on our websites, data is transferred to the above-mentioned recipients and processed there for as long as is necessary to achieve the stated purposes. Beyond this, the data processed by the service and made available to us is not regularly stored in our own systems. In individual cases, data on the time, status, and scope of consent may also be stored in our own systems for longer periods, insofar as this is permissible for other purposes mentioned in this statement.
We integrate the Google Tag Manager service from Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA, into our websites.
In the European Union (EU) and the European Economic Area (EEA), the service is provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Description of data processing and purpose
Google Tag Manager is a tag management system (TMS) that enables us to integrate and manage additional website content in JavaScript or HTML code.
In particular, it allows so-called tags to be integrated into and managed on our website. Tags are small code fragments or markers (web beacons, tracking pixels, or similar markers) that enable website analysis or user tracking services to distinguish or identify users.
The analysis of website visits and user tracking is not carried out by Google Tag Manager, but by the services used for these purposes, such as Google Analytics or other third-party solutions. Rather, Google Tag Manager is only used to integrate and manage the markers required for analysis and tracking on our websites.
Since Google Tag Manager is provided by Google and is reloaded from its servers when the page is accessed, the usage data technically required to access the page is also transmitted. In this respect, Google also receives your IP address, which is technically necessary to retrieve the content.
Legal basis for data processing
, if we use cookies and similar technologies as part of the integration of the service, or if data is stored on your device or read from it by the service, this is done without your consent in
accordance with any legal exceptions that may exist in your country. Subsequent data processing is based on Art. 6 (1) (f) GDPR.
Recipients
When using the service, the data collected via our websites is transmitted to the following recipients:
● Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland,
● Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA.
We have no influence on further data processing by the third-party provider.
Further information on Google’s handling of personal data can be found at
https://policies.google.com/privacy?hl=de.
Data processing in third countries
Your data will be transferred to recipients in third countries. For data transfers to the USA, there is an adequacy decision by the EU Commission with regard to companies certified under the EU-U.S. Data Privacy Framework. Google LLC is certified under the EU-U.S. Data Privacy Framework.
Additional information on this and further links can be found above in the section “General information on data transfers to third countries.”
Storage period
By integrating the service on our websites, data is transferred to the above-mentioned recipients and processed there for as long as is necessary to achieve the stated purposes. The data processed by the service and made available to us is not stored in our own systems beyond this.
We integrate the Google Analytics service from Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA, into our websites.
In the European Union (EU) and the European Economic Area (EEA), the service is provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Description of data processing and purpose
Google Analytics creates usage profiles based on pseudonyms (recognition features from cookies and device IDs and other data about the device used or the so-called browser fingerprint) and usage data (e.g., name and address of the , website content requested by your browser, referral links, description of the web browser and operating system used, and the IP address of the requesting device).
Demographic data (such as continent, country, region, city, age group, gender, language
● demographic data (such as continent, country, region, city, age group, gender, language, and interests of users)
● data about your interactions with search engines or other websites that are collected by Google (such as search engine queries that can be associated with your Google account, the origin of your visit to our site, i.e., whether it was made by clicking on a paid ad in a search engine, search terms used, or, under certain circumstances, the history of websites you have visited)
● Information about which website you used to access our website
● Information about your device (such as category, manufacturer, and model) and
configuration (e.g., language settings, screen resolution).
● Information about your interests, insofar as they are collected by Google in the context
of your internet usage,
● Information about your interactions with our advertisements or advertising
campaigns, e.g., that a specific action on our website can be attributed to clicking on a
specific advertisement),
● Data on your interactions with our web pages, past visits to our website, subpages
accessed, data on the time of the visit and duration of the session, button clicks, scroll depth, reading depth, as well as the use of filters, searches, forms, and other input and registration options, links clicked on external websites/files, data on products and services you have viewed or purchased on our websites, and
● data on your interactions with social media networks (such as sharing content).
collected and analyzed.
This enables Google to recognize website visitors and the devices they use pseudonymously, count them as such, and assign them to specific demographic target groups, interest groups, or customer segments.
Visitors who have their own user account on Google platforms can also be identified by Google as visitors to our websites across devices.
Data collection and processing on our websites is carried out using cookies and JavaScript code, which is loaded when the page is accessed and executed in the browser of your device. With the help of this JavaScript code, cookies can then be stored on your device and various information can be read from your device and from cookies stored there. Details on the cookies and similar techniques used can be found above under “Data processing in connection with cookies and similar techniques” and in the information you can access via our consent management platform.
Google uses the processed information to create summary statistics for us, which allow us to see what users of our websites are interested in and how many users have interacted with our websites and in what way.
We only receive summarized statistics (aggregated data) from Google, from which we, as users of Google advertising services, cannot draw any conclusions about individual persons.
We then use these findings to place target group-oriented online advertising measures and marketing campaigns in advertising networks, in particular in Google advertising services.
Legal basis for data processing
The legal basis for the integration and use of the service is your consent, provided that you have given it via our consent management platform.
The use of cookies and similar technologies is based on consent, which may be required by law in your country. The subsequent data processing is based on Art. 6 (1) (a) GDPR.
Your consent is voluntary and can be revoked at any time with effect for the future. To exercise your right of revocation, please use the “Cookie settings” link at the bottom of the website to access the consent management platform again and change your settings.
Recipients
When using the services, the data collected via our websites is transmitted to the following recipients:
● Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland,
● Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA.
We have no influence on further data processing by the third-party provider.
Further information on Google’s handling of personal data can be found at
https://policies.google.com/privacy?hl=de.
Data processing in third countries
Your data will be transferred to recipients in third countries. For data transfers to the USA, there is an adequacy decision by the EU Commission with regard to companies certified under the EU-U.S. Data Privacy Framework. Google LLC is certified under the EU-U.S. Data Privacy Framework.
Additional information on this and further links can be found above in the section “General information on data transfers to third countries.”
Storage period
By integrating the services on our websites, data is transferred to the above-mentioned recipients and processed there for as long as is necessary to achieve the stated purposes. The data processed by the service and made available to us is not stored in our own systems beyond this.
We integrate Google advertising services and functions from Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA, into our websites.
In the European Union (EU) and the European Economic Area (EEA), the services are provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Description of data processing and purpose
We use Google marketing services and functions such as Google Ads, Google Ads conversion tracking, Google Ads retargeting, and the Google Marketing Platform to place and control target group-oriented advertisements for our products and services via the Google advertising network and to measure how successful these advertisements are.
Data collection and processing on our websites is carried out using cookies and JavaScript code, which is loaded when the page is accessed and executed in the browser of your device. With the help of this JavaScript code, cookies can then be stored on your device and various information can be read from your device and from cookies stored there. Details on the cookies and similar technologies used can be found above under “Data processing in connection with cookies and similar technologies” and in the information available on our consent management platform “Cookiebot.”
This enables Google to recognize website visitors and the devices they use pseudonymously. Visitors who have their own user account on Google platforms can also be identified by Google as visitors to our websites across devices.
When you click on an ad placed for us via Google, cookies for conversion tracking are set by the website or app of other providers. These are read again when you visit our site. Data from the original website or app is processed to determine which search terms (keywords) you may have entered in a search engine, which advertisement or group of advertisements you clicked on, and which of our online marketing campaigns the advertisement was associated with.
We then collect data on our websites about how you have used our website and how you have interacted with the website content, e.g., which subpages were accessed, which content was clicked on or retrieved, or which forms or dialogs you used. The conversion of an advertisement into a specific action by the website visitor on a website is referred to as a conversion.
When using “Google Analytics” at the same time, we can evaluate your actions on our websites even more accurately with the data collected through it.
From the processed information, Google creates summarized statistics for us as part of “Google Ads Conversion Tracking” in “Google Ads” and in the “Google Marketing Platform,” from which we can see how many users have responded to our advertisements and in what way. We only receive summarized statistics (aggregated data) from Google, from which we, as users of Google advertising services, cannot draw any conclusions about individual persons.
Based on the statistics, we can optimize the effectiveness of our online advertising and control our advertising strategy via Google advertising services.
Google Ads Remarketing then enables us to place interest- and target group-related advertisements during your further use of the Internet or apps based on the websites and content you have visited on our site, how you have used them, and what actions (conversions) you have taken on our websites.
Legal basis for data processing
The legal basis for the integration and use of the service is your consent, provided that you have given it via our consent management platform.
The use of cookies and similar technologies is based on consent, which may be required by law in your country. The subsequent data processing is based on Art. 6 (1) (a) GDPR.
Your consent is voluntary and can be revoked at any time with effect for the future. To exercise your right of revocation, please use the “Cookie settings” link at the bottom of the website to access the consent management platform again and change your settings.
Recipients
When using the services, the data collected via our websites is transmitted to the following recipients:
● Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland,
● Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA.
We have no influence on further data processing by the third-party provider.
Further information on Google’s handling of personal data can be found at
https://policies.google.com/privacy?hl=de. Data processing in third countries
Your data will be transferred to recipients in third countries. For data transfers to the USA, there is an adequacy decision by the EU Commission with regard to companies certified under the EU-U.S. Data Privacy Framework. Google LLC is certified under the EU-U.S. Data Privacy Framework.
Additional information on this and further links can be found above in the section “General information on data transfers to third countries.”
Storage period
By integrating the services on our websites, data is transferred to the above-mentioned recipients and processed there for as long as is necessary to achieve the stated purposes. The data processed by the service and made available to us is not stored in our own systems beyond this.
We integrate LinkedIn advertising services and functions from LinkedIn Corporation, 1000 W. Maude Ave., Sunnyvale, California 94085, USA, into our websites.
In the European Union (EU) and the European Economic Area (EEA), LinkedIn Conversion Tracking is offered as a service by LinkedIn Ireland Unlimited Company, Wilton Plaza, Gardner House 4,5,6, Dublin 2, Ireland.
Description of data processing and purpose
If you see an ad placed by us via LinkedIn on other websites or click on it, these other websites will store a “LinkedIn Conversion Tracking” cookie with a pseudonym assigned to us on your device based on your consent given there.
If you subsequently visit our websites within the storage period of this cookie, this cookie and your usage data will be read out on our websites using a pixel and JavaScript code (known as a “LinkedIn Insight Tag”). The following data is processed in this process:
● the name and address of the requested content,
● the date and time of the query,
● the description of the web browser and operating system used, including information about the language used,
● the referrer address, which indicates which websites you came to ours from,
● the IP address of the requesting computer,
● your interactions with our websites (e.g., content and events clicked on, forms filled out, frequency of response).
● IP addresses of website visitors are truncated by LinkedIn so that they can no longer
be traced back to a specific person.
If website visitors are also members of LinkedIn, the user ID is also processed. IP addresses of members are not shortened, but hashed to prevent cross-device tracking. In addition to the user ID, demographic data such as job title, company, and industry of the member are also processed.
In this way, LinkedIn can determine that you have been shown an advertisement placed by us or that you have clicked on it and subsequently visited our websites and, if applicable, how you have subsequently used our websites.
The conversion of an advertisement into an action by the website visitor is referred to as a conversion. LinkedIn Ads & Analytics uses this information to compile statistics for us, which allow us to see how many users have responded to our advertisements and in what way.
Based on these statistics, we can optimize the effectiveness of our advertising and control our advertising strategy. In particular, LinkedIn Ads enables us to use this data to create target groups for LinkedIn Retargeting (target group-oriented advertising) and to address them via LinkedIn advertisements.
Legal basis for data processing
The legal basis for the integration and use of the service is your consent, provided that you have given it via our consent management platform.
The use of cookies and similar technologies is based on consent, which may be required by law in your country. The subsequent data processing is based on Art. 6 (1) (a) GDPR.
Your consent is voluntary and can be revoked at any time with effect for the future. To exercise your right of revocation, please use the “Cookie settings” link at the bottom of the website to access the consent management platform again and change your settings.
Recipients
When using the service, the data collected via our websites is transmitted to the following recipients:
● LinkedIn Ireland Unlimited Company, Wilton Plaza, Gardner House 4,5,6, Dublin 2, Ireland,
● LinkedIn Corporation, 1000 W. Maude Ave., Sunnyvale, California 94085, USA. We have no influence on further data processing by the third-party provider.
For more information on how LinkedIn handles personal data, please visit https://www.linkedin.com/legal/privacy-policy.
Data processing in third countries
Your data will be transferred to recipients in third countries. For data transfers to the USA, there is an adequacy decision by the EU Commission with regard to companies certified under the EU-U.S. Data Privacy Framework. LinkedIn Corporation is certified under the EU-U.S. Data Privacy Framework.
Additional information on this and further links can be found above in the section “General information on data transfers to third countries.”
Storage period
By integrating the services on our websites, data is transferred to and stored by the above- mentioned recipients. IP addresses of website visitors are truncated by LinkedIn so that they can no longer be traced back to individuals. For LinkedIn members, IP addresses are not truncated but hashed to enable cross-device tracking. Members’ direct identifiers are removed within seven days to pseudonymize the data. This remaining pseudonymized data is then deleted within 90 days.
No further storage of the data processed by the service and made available to us takes place in our own systems.
We integrate the “Meta Pixel” from Meta Platforms, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, into our websites.
In the European Union (EU) and the European Economic Area (EEA), the service is provided by Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland.
Description of data processing and purpose
We use Meta Pixel and other Meta marketing services and features such as Meta Custom Audiences, Meta Conversion Tracking, Meta Retargeting, and Meta Ads Ad Manager to place and control target group-oriented advertisements for our products and services on the Meta social media platforms Facebook and Instagram, and to measure how successful these advertisements are.
Data collection and processing on our website is carried out using the “Meta Pixel.” This is a JavaScript code that is loaded when the page is accessed and executed in the browser of your device. With the help of this JavaScript code, cookies can then be stored on your device and various information can be read from your device and from cookies stored there.
This enables us to recognize website visitors and the devices they use pseudonymously. Visitors who have their own user account on Meta social media platforms can also be identified by Meta across devices as visitors to our websites.
In addition, the “Meta Pixel” enables us to track and evaluate your interests based on the websites you visit and your interactions with our websites.
The information read by the “Meta Pixel” includes, in particular
● Information contained in the HTTP header when a website is accessed in the browser of your device, in particular usage data such as IP address, information about the web browser used, the location of the page, the files accessed, the referral link that indicates which page you came to ours from,
● characteristics of the device you used when accessing our websites,
● Cookies that may already be present in the browser of your device and that have been set by Meta services, e.g., marketing cookies “_fbp” and “fr,”
● Button click data, i.e., data about which buttons were clicked on the websites by
visitors, the labels of these buttons, and all pages that were visited as a result of the button clicks. This applies, for example, to clicking buttons in web forms for product inquiries or demonstrations, for downloading documents, or for booking appointments.
Meta uses this information to create statistics for us as part of “Meta Conversion Tracking” in the “Meta Ads Ad Manager,” which allow us to see how many users responded to our ads on Meta social media platforms and in what way. The conversion of an advertisement into an action by the website visitor is referred to as a conversion. Based on these statistics, we can optimize the effectiveness of our advertising and control our advertising strategy.
In addition, we use the information collected via the “Meta Pixel” on our websites to create so-called “Meta Custom Audiences” (user-defined target groups) in the “Meta Ads Ad Manager” and to place target group-oriented advertising for these on the Meta social media platform. This allows us, for example, to place advertisements on the platforms for website visitors who have previously shown interest in our products, services, or promotions within a certain period of time and have visited our websites. This type of targeted advertising is referred to as retargeting.
Legal basis for data processing
The legal basis for the integration and use of the service is your consent, provided that you have given it via our consent management platform.
The use of cookies and similar technologies is based on consent, which may be required by law in your country. The subsequent data processing is based on Art. 6 (1) (a) GDPR.
Your consent is voluntary and can be revoked at any time with effect for the future. To exercise your right of revocation, please use the “Cookie settings” link at the bottom of the website to access the consent management platform again and change your settings.
Recipients
When using the service, the data collected via our websites is transmitted to the following recipients:
● Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland,
● Meta Platforms, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA.
We have no influence on further data processing by the third-party provider.
Further information on the handling of personal data by the provider can be found at
https://de-de.facebook.com/privacy/policy/.
Data processing in third countries
Your data will be transferred to recipients in third countries. For data transfers to the USA, there is an adequacy decision by the EU Commission with regard to companies certified under the EU-U.S. Data Privacy Framework. Meta Platforms Inc. is certified under the EU-U.S. Data Privacy Framework.
Additional information on this and further links can be found above in the section “General information on data transfers to third countries.”
Storage period
By integrating the services on our websites, data is transferred to the above-mentioned recipients and processed there for as long as is necessary to achieve the stated purposes. The data processed by the service and made available to us is not stored in our own systems beyond this.
We integrate the “SalesViewer” service from SalesViewer GmbH, Universitätsstraße 60, 44789 Bochum, Germany, into our websites.
Description of data processing and purpose
When using “Salesviewer,” a JavaScript-based tracking code is integrated into our websites, which is used to process the following company data:
● IP address of the visiting company
● Name, origin, and industry of the visiting company ● Keywords
● Your interactions with our websites (e.g., websites visited, time of visit, duration of visit)
No cookies or similar files are stored on the end devices of website visitors.
Instead, only the IP address of the website visitor is encrypted by the service using a non- reversible one-way function (known as hashing) and, after a pre-selection process to filter out accesses from private individuals’ IP addresses, is transferred to Salesviewer in pseudonymized form. The pseudonymized data is compared with a database limited to company-related data.
Insofar as company-related accesses can be identified within the scope of this process, SalesViewer provides us with corresponding company-related data on website visitors via a secure and encrypted login area, where we can also research further generally accessible data (e.g., address and contact details) on the visiting companies.
The purpose of data processing and our legitimate interest lie in conducting market research to identify companies as potential business partners and using these findings to optimize our marketing measures.
Legal basis for data processing
Insofar as we use cookies and similar technologies in connection with the integration of the service, or insofar as data is stored on your device or read from it by the service, this is done without your consent in accordance with any legal exceptions that may exist in your country. Subsequent data processing is based on Art. 6 (1) (f) GDPR.
You can object to data processing by “Salesviewer” at any time with effect for the future by deactivating further data processing at https://www.salesviewer.com/opt-out in order to prevent future collection by “Salesviewer” within our website. Clicking on the link will place an opt-out cookie for this website on your device. If you delete your cookies in this browser, you will need to click this link again.
Recipients
As part of data processing, your data will be transferred to the following recipients:
● SalesViewer GmbH, Universitätsstraße 60, 44789 Bochum, Germany. Storage
By integrating the services on our websites, data is transferred to the above-mentioned recipients and processed there for as long as necessary to achieve the stated purposes.
We integrate Google Fonts web fonts from Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA, into our websites.
In the European Union (EU) and the European Economic Area (EEA), the services are provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Description of data processing and purpose
Google Fonts enables us to use web fonts. To do this, when you visit our website, the required Google Fonts are loaded from your web browser into your browser cache. This is necessary so that your browser can also display our texts in a visually improved form. If your browser does not support this function, a standard font from your computer will be used for display.
Since Google Fonts is provided by Google and is downloaded from its servers when the page is accessed, the usage data technically required to access the page is also transmitted. Google also receives your IP address, which is technically necessary to retrieve the content.
The purpose and our legitimate interest in data processing through the integration of the service is to improve the appearance of our website for you and to make its design more user- friendly.
Legal basis for data processing
Insofar as we use cookies and similar technologies in connection with the integration of the service, or insofar as data is stored on your device or read from it by the service, this is done without your consent in accordance with any legal exceptions that may exist in your country. Subsequent data processing is carried out on the basis of Art. 6 (1) (f) GDPR.
Recipients
When using the services, the data collected via our websites is transmitted to the following recipients:
● Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland,
● Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA.
We have no influence on further data processing by the third-party provider.
Further information on Google’s handling of personal data can be found at
https://policies.google.com/privacy?hl=de. Data processing in third countries
Your data will be transferred to recipients in third countries. For data transfers to the USA, there is an adequacy decision by the EU Commission with regard to companies certified under the EU-U.S. Data Privacy Framework. Google LLC is certified under the EU-U.S. Data Privacy Framework.
Additional information on this and further links can be found above in the section “General information on data transfers to third countries.”
Storage period
By integrating the services on our websites, data is transferred to the above-mentioned recipients and processed there for as long as is necessary to achieve the stated purposes. The data processed by the service and made available to us is not stored in our own systems beyond this.
Description of data processing and purpose
If you send us inquiries via the contact form or email, your details from the inquiry form or . Your email, including the personal data you provide there, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions.
Providing an email address is necessary for us to contact you; providing your first and last name and your telephone number is voluntary. We will not disclose this data without your consent under any circumstances.
Legal basis for data processing
The legal basis for the processing of your data is your and our legitimate interest in responding to your request in accordance with Art. 6 (1) (f) GDPR and, if applicable, Art. 6 (1) (b) GDPR, provided that your request is aimed at concluding a contract.
Recipients
Within our company, we only pass on your personal data to those departments and individuals who need this data to fulfill contractual and legal obligations or to implement our legitimate interests.
We may transfer your personal data to affiliated companies, insofar as this is permissible within the scope of the purposes and legal bases set out in this privacy policy.
Your personal data will be processed on our behalf on the basis of data processing agreements in accordance with Art. 28 GDPR. In these cases, we ensure that the processing of personal data is carried out in accordance with the provisions of the GDPR. In this case, the categories of recipients are providers of Internet service providers and providers of customer management systems and software.
Otherwise, data will only be transferred to recipients outside the company if this is permitted or required by law, if the transfer is necessary for the execution and thus for the fulfillment of the contract or, at your request, for the implementation of pre-contractual measures, if we have your consent or if we are authorized to provide information.
Under these conditions, recipients of personal data may include, for example:
● External tax advisor
● Public authorities and institutions (e.g., public prosecutor’s office, police, supervisory authorities, tax office) in the event of a legal or official obligation,
● Recipients to whom the transfer is directly necessary for the establishment or fulfillment of a contract
● Other data recipients, provided you have given us your consent to the transfer of data.
Storage period
Your data will be deleted after your request has been processed, as soon as no further queries are expected and provided that there are no legal retention obligations to the contrary.
On our websites, we collect personal data via various web forms for the purpose of addressing you with advertising in order to promote the sale of our products, goods, or services by means of direct advertising.
These may be forms
● for registering for newsletters, webinars, or events,
● for booking appointments or product demo appointments, or
● for downloading white papers and other documents
Further information on the processing of your data for advertising purposes can be found in the following section of this privacy policy .
Below, we provide information about data processing in the Jodel app and the related processes carried out by us.
Registration is required to use Jodel. Depending on the operating system of your device, different types of data are processed during registration.
This includes data that we collect and process for technical reasons during registration:
The processed data is used to verify the authorization to use the Jodel platform and the Jodel account and to enable the use of the Jodel platform with all its functions.
The purpose of data processing is to enable users to register on the Jodel platform via the Jodel apps.
Legal basis for data processing
Data processing is carried out in accordance with Art. 6 (1) (b) GDPR for the purpose of implementing the user relationship.
Recipients
As part of data processing, your data will be transferred to the following categories of recipients or recipients that we use in the context of data processing to achieve the aforementioned purposes:
These recipients include, in particular:
Data processing in third countries
Your data will be transferred to recipients in third countries. For data transfers to the USA, there is an adequacy decision by the EU Commission with regard to companies certified under the EU-U.S. Data Privacy Framework. Amazon Web Services, Inc. and MongoDB, Inc. are certified under the EU-U.S. Data Privacy Framework.
Additional information on this and further links can be found above in the section “General information on data transfers to third countries.”
Storage period
We store your data for as long as is necessary to achieve the aforementioned purpose or for as long as you have not objected to the data processing. We then delete your data unless data processing is still permitted on another legal basis or is mandatory for us (e.g., in the case of statutory retention obligations).
Description of data processing and purpose
When you use the Jodel app, we process
The purpose of data processing is to enable users to use the Jodel platform and apps.
Legal basis for data processing
Data processing is carried out in accordance with Art. 6 (1) (b) GDPR for the purpose of implementing the user relationship.
Recipients
As part of data processing, your data will be transferred to the following categories of recipients or recipients that we use in the context of data processing to achieve the aforementioned purposes:
These are in particular the following recipients:
Data processing in third countries
Your data will be transferred to recipients in third countries. For data transfers to the USA, there is an adequacy decision by the EU Commission with regard to companies certified under the EU-U.S. Data Privacy Framework. Amazon Web Services, Inc. and MongoDB, Inc. are certified under the EU-U.S. Data Privacy Framework.
Additional information on this and further links can be found above in the section “General information on data transfers to third countries.”
Storage period
We store your data for as long as is necessary to achieve the aforementioned purpose or for as long as you have not objected to the data processing. We then delete your data unless data processing is still permitted on another legal basis or is mandatory for us (e.g., in the case of statutory retention obligations).
If you access Jodel websites directly from the Jodel app, we process your data as described above under “Privacy information for website visitors.”
Description of data processing and purpose
In order to comply with applicable youth protection laws, certain functions and content, such as channels, may only be accessible after age verification has been completed.
For this purpose, we process your age information and, if necessary, the result of the age verification, which we may also store on your device.
The purpose of data processing and our legitimate interest is to ensure effective protection of minors and to comply with the legal requirements for the protection of minors applicable in your country by only granting authorized persons access to certain content.
Legal basis for data processing
Data processing is carried out in accordance with Art. 6 (1) (c) GDPR in conjunction with the legal requirements for the protection of minors applicable in your country or in accordance with Art. 6 (1) (f) GDPR in our aforementioned legitimate interest.
As part of data processing, your data will be transferred to the following categories of recipients:
These are in particular the following recipients:
Recipients
Within the scope of data processing, your data will be transferred to the following categories of recipients or recipients that we use within the scope of data processing to achieve the aforementioned purposes:
● Software service providers who provide us with solutions for internal and external communication, for creating and editing documents, and for managing databases
● IT support and administration service providers. This includes the following recipients in particular:
● Intercom Inc., 55 2nd Street, Suite 400, San Francisco, California 94105, USA,
● Slack Technologies Limited, Salesforce Tower 60 R801, North Dock, Dublin, Ireland,
● Slack Technologies LLC, a Salesforce company, 415 Mission St, 3rd Floor, San Francisco, CA 94105, USA
● Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
● Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA.
Use of artificial intelligence
Intercom
Artificial intelligence is used in the processing of your data.
The AI services “Intercom Fin AI Agent” and “” from Intercom Inc., 55 2nd Street, Suite 400,
San Francisco, California 94105, USA, are used.
The “Intercom Fin AI Agent” is a chatbot that enables us to efficiently handle user requests by
understanding and answering questions and solving problems independently.
The “Intercom Copilot” is an assistant that helps our support staff draft responses, summarize inquiries, and provide information quickly.
The purpose of data processing using AI and our legitimate interest lie in being able to efficiently handle communication with users regarding support requests.
Data processing using AI is carried out in accordance with Art. 6 (1) (f) GDPR in our aforementioned legitimate interest.
The recipients of your data in the context of data processing using AI are
● Intercom Inc., 55 2nd Street, Suite 400, San Francisco, California 94105, USA, Additional information on this and further links can be found above in the section “General
information on the use of artificial intelligence.”
Data processing in third countries
Your data will be transferred to recipients in third countries. For data transfers to the USA, there is an adequacy decision by the EU Commission with regard to companies certified under the EU-U.S. Data Privacy Framework. Intercom Inc., Slack Technologies LLC (via Salesforce), and Google LLC are certified under the EU-U.S. Data Privacy Framework.
Additional information on this and further links can be found above in the section “General information on data transfers to third countries.”
Storage period
We process the collected data for as long as is necessary to achieve the aforementioned purposes.
Description of data processing and purpose
Users of the apps can either use the Jodel platform in its standard version. This is free of charge and financed by advertising.
Jodel also offers users the paid versions “Jodel Pro” and “Jodel Plus.” Both versions are ad- free. In addition, “Jodel Plus” offers users additional extra features and rewards.
The paid versions can be purchased by users as subscriptions via in-app purchases.
Depending on the operating system of the device used, the purchase or subscription and its processing are carried out via the Apple App Store or the Google Play Store.
The operators of the app stores are solely responsible for data processing for payment processing of in-app purchases or subscriptions via the app store. In the course of purchasing or taking out a subscription, the data required for processing is transmitted to the operators.
In addition, Jodel receives information from the app store operators that a user has successfully purchased the “Jodel Pro” or “Jodel Plus” version and that the corresponding subscription is still valid.
The purpose of data processing is to enable the purchaser or subscriber to use the “Jodel Pro” and “Jodel Plus” versions.
Legal basis for data processing
Data processing is carried out in accordance with Art. 6 (1) (b) GDPR for the initiation and execution of in-app purchases and for the execution of the respective user agreement or subscription.
Source
As part of data processing, we receive data on in-app purchases made via the Apple App Store or Google Play Store from the respective store operator:
● Apple Distribution International Ltd., Hollyhill Industrial Estate, Hollyhill, Cork, Ireland,
● Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Recipients
As part of data processing, your data will be transferred to the following categories of recipients or recipients that we use in the context of data processing to achieve the aforementioned purposes:
● App store operators,
● Software service providers who provide us with solutions for processing and managing in-app purchases,
● IT support and administration service providers.
These are, in particular, the following recipients:
● RevenueCat, Inc., 1032 E Brandon Blvd #3003 Brandon, Florida 33511, USA,
● Apple Distribution International Ltd., Hollyhill Industrial Estate, Hollyhill, Cork, Ireland,
● Apple Inc., One Apple Park Way, Cupertino, California 94043, USA,
● Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland,
● Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA.
Data processing in third countries
Your data will be transferred to recipients in third countries. For data transfers to the USA, there is an adequacy decision by the EU Commission with regard to companies certified under the EU-U.S. Data Privacy Framework. Google LLC is certified under the EU-U.S. Data Privacy Framework.
Apple Inc. and RevenueCat, Inc. are not yet certified, which means that transfers are not covered by the adequacy decision. To ensure an adequate level of data protection, standard data protection clauses are therefore concluded and further measures are taken to secure data transfers.
Additional information on this and further links can be found above in the section “General information on data transfer to third countries.”
Storage period
We process the collected data for as long as is necessary to achieve the aforementioned purposes.
Users of the apps can use the Jodel platform either in the free, ad-supported version or in the paid, ad-free versions “Jodel Pro” and “Jodel Plus.”
In the free version, users can choose in the settings whether they want to see non- personalized or personalized advertisements.
Non-personalized advertisements are displayed by Jodel itself via the apps. In this respect, Jodel is solely responsible for data processing.
Description of data processing and purpose
When we display non-personalized advertisements, we process the following data:
● User ID,
● IP address of the requesting entity (router or mobile device),
● Date and time of the ad display,
● ID of the advertisement,
● ID of the advertising customer.
The purpose of data processing and our legitimate interest lie in displaying non-personalized advertisements to Jodel users and being able to count the number of advertisements displayed in each case. The revenue generated enables us to finance the operation and further development of the Jodel platform and to make it available to users free of charge.
Legal basis for data processing
Data processing is carried out in accordance with Art. 6 (1) (f) GDPR in our aforementioned legitimate interest or in the aforementioned legitimate interest of the data subjects.
Recipients
As part of data processing, your data will be transferred to the following categories of recipients, which we use in the context of data processing to achieve the aforementioned purposes:
● Hosting and database service providers,
● IT support and administration service providers.
These are in particular the following recipients:
● Amazon Web Services EMEA SARL 28, Avenue John F. Kennedy, L 1855 Luxembourg, Luxembourg,
● Amazon Web Services, Inc., 2021 7th Ave, Seattle, Washington 98121, USA,
● MongoDB, Inc. MongoDB, Inc., 1633 Broadway FL 38, New York, New York 10019, USA.
Data processing in third countries
Your data will be transferred to recipients in third countries. For data transfers to the USA, there is an adequacy decision by the EU Commission with regard to companies certified under the EU-U.S. Data Privacy Framework. Amazon Web Services, Inc. and MongoDB, Inc. are certified under the EU-U.S. Data Privacy Framework.
Additional information on this and further links can be found above in the section “General information on data transfers to third countries.”
Storage period
We store your data for as long as is necessary to achieve the aforementioned purpose or for as long as you have not objected to the data processing. We then delete your data unless data processing is still permitted on another legal basis or is mandatory for us (e.g., in the case of statutory retention obligations).
Description of data processing and purpose
We offer advertising partners the opportunity to place advertisements on our platform directly and without the involvement of an advertising network and to display them to specific target groups.
We form the target groups. Our advertising partners can then select specific target groups. The partners do not know which users belong to the target group. We use the following data to form target groups:
● Information about the gender with which the user identifies
● Age at the time of registration and, consequently, current age or year of birth
● Information on occupational group or activity (student, trainee, pupil, high school graduate, doctoral student, college student, elementary school pupil, employer/self-employed, civil servant, pensioner, other)
● Current location (determined on the basis of Wi-Fi usage, cell tower queries, or GPS, if applicable)
● Information about your “home” (place of residence)
● Language of the app.
If we display personalized advertisements based on the target group formed, we process the following data:
● Target group
● User ID
● IP address of the requesting entity (router or mobile device),
● Date and time of the ad display,
● ID of the advertisement,
● ID of the advertising customer.
The purpose of data processing is to enable our advertising partners to display advertisements tailored to specific target groups and to count the number of advertisements displayed for commission calculation purposes. The revenue generated enables us to finance the operation and further development of the Jodel platform and to make it available to users free of charge.
Legal basis for data processing
The legal basis for target group formation and the display and playback of personalized advertising is your consent, provided that you have given this consent when setting up the app or in the settings under “Personalized Advertising.”
The use of cookies and similar technologies is based on consent, which may be required by law in your country. The subsequent data processing is based on Art. 6 (1) (a) GDPR.
Your consent is voluntary and can be revoked at any time with effect for the future. To exercise your right of revocation, please use the slider in the app settings under “Personalized advertising” to change your settings.
Recipients
As part of data processing, your data will be transferred to the following categories of recipients or recipients that we use in the context of data processing to achieve the aforementioned purposes:
● Hosting and database service providers,
● IT support and administration service providers.
These are in particular the following recipients:
● Amazon Web Services EMEA SARL 28, Avenue John F. Kennedy, L 1855 Luxembourg, Luxembourg,
● Amazon Web Services, Inc., 2021 7th Ave, Seattle, Washington 98121, USA,
● MongoDB, Inc. MongoDB, Inc., 1633 Broadway FL 38, New York, New York 10019, USA.
Data processing in third countries
Your data will be transferred to recipients in third countries. For data transfers to the USA, there is an adequacy decision by the EU Commission with regard to companies certified under
the EU-U.S. Data Privacy Framework. Amazon Web Services, Inc. and MongoDB, Inc. are certified under the EU-U.S. Data Privacy Framework.
Additional information on this and further links can be found above in the section “General information on data transfers to third countries.”
Storage period
We process the collected data for as long as is necessary to achieve the stated purposes.
As an app operator (known as a publisher), we offer various parties involved in online advertising (known as vendors or providers) the opportunity to use ad space in our apps to display advertisements to specific target groups . The ad space is then filled independently by the respective parties with advertisements from advertisers.
In these cases, Jodel is jointly responsible for data processing when displaying advertisements, alongside the advertisers and other parties involved.
In addition to Jodel and the respective advertiser, the following parties are regularly involved in data processing advertising networks, vendors, such as advertising agencies, ad server operators, measurement service providers demand-side platforms (DSPs, i.e., automated auction platforms for marketers of ad inventory) supply-side platforms (SSP, i.e., automated auction platforms for publishers and app developers to market their available advertising space) involved.
We integrate advertisements from providers via
● the Transparency & Consent Framework (TCF) of the European Association for the Digital Marketing and Advertising Ecosystem (IAB Europe), Rond-Point Robert, Schuman 11, 1040 Brussels, Belgium,
● Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, .
A list of the specific providers involved can be found in our consent management platform “Google UMP” under the menu item “Settings,” “Privacy settings,” and then “IAB providers” or “Google providers.”
Description of data processing and purpose
Data is regularly collected for the purpose of recognizing individual users or end devices, how users interact with advertisements (clicks), and subsequent actions on the target websites of the advertisers. In particular, data on so-called conversions is collected and processed on these target websites.
Cookies and similar technologies are used in the context of data processing to read data from your end device or to store it there.
In our apps, data is only collected to determine your membership of a target group on the basis of a recognition feature (user or end device pseudonyms) and to determine whether and when you clicked on the advertisement. The click information may be stored on your device using cookies and similar technologies and can then be read again by the advertiser’s target website, integrated services of the advertising network, or provider, together with other data about your behavior on the target website.
Further information on the advertising networks, integrated services, and their data processing can be found on our consent management platform “Google UMP,” which you can access again in the apps under the menu item “Settings” under “Privacy settings.”
The purpose of data processing is to enable advertisers and other parties involved or providers to display advertisements tailored to specific target groups and to count the number of advertisements displayed in our apps for commission calculation purposes. The revenue generated enables us to finance the operation and further development of the Jodel platform and to make it available to users free of charge.
Legal basis for data processing
The legal basis for data processing is your consent, provided that you have given it in the apps via our consent management platform “Google UMP.”
The use of cookies and similar technologies is based on consent, which may be required by law in your country. The subsequent data processing is based on Art. 6 (1) (a) GDPR.
Your consent is voluntary and can be revoked at any time with effect for the future. To exercise your right of revocation, you can access our consent management platform “Google UMP” at any time in the apps under the menu item “Settings” under “Privacy settings.”
Recipients
As part of data processing, your data will be transferred to the following categories of recipients or recipients that we use in the context of data processing to achieve the aforementioned purposes:
● Advertising networks and advertising network service providers. These are in particular the following recipients:
● Providers participating via TCF of IAB Europe,
● IAB Europe, Rond-Point Robert, Schuman 11, 1040 Brussels, Belgium,
● Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
● Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA.
Data processing in third countries
Your data will be transferred to recipients in third countries. For data transfers to the USA, there is an adequacy decision by the EU Commission with regard to companies certified under the EU-U.S. Data Privacy Framework. Google LLC is certified under the EU-U.S. Data Privacy Framework.
For data transfers to providers in third countries participating in the IAB Europe TCF for which no adequacy decision has been made by the EU Commission, standard data protection clauses are concluded and further measures are taken to ensure data transfer security in order to guarantee an adequate level of data protection .
Additional information on this and further links can be found above in the section “General information on data transfers to third countries.”
In our app, we use the consent management platform “Google User Messaging Platform (UMP)” provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, which helps us manage your consent to the use of personal data and similar technologies when displaying personalized advertisements.
Description of data processing and purpose
If you give or refuse consent via our consent banner, the service processes the following data:
This data is logged on the provider’s servers.
As part of data processing, your consent ID and consent status are stored locally on your end device in accordance with the IAB Transparency and Consent Framework (TCF v2.2). This enables the app to read your consent status on subsequent launches and to activate or deactivate the use of personal data and other technologies in accordance with your decision.
The consent form is displayed only to users in GDPR-relevant counties (EEA, UK, and Switzerland). In accordance with legal requirements, the consent form will be shown again after 12 months.
The purpose of data processing and our legitimate interest lie in centrally controlling cookies and similar technologies integrated into our website, as well as integrated services, and in offering you a simple way to submit and revoke your declarations of consent , thereby fulfilling any obligation to obtain consent for the use of cookies and similar technologies that may exist in your country , as well as our accountability obligation pursuant to Art. 5 (2) GDPR with regard to your consent.
Legal basis for data processing
Our legitimate interest lies in centrally controlling cookies and similar technologies integrated into our website, as well as integrated services, and in offering you a simple way to give and revoke your declarations of consent, thereby fulfilling our legal and accountability obligations under Art. 5 (2) GDPR with regard to your consent.
Recipients
These are in particular the following recipients:
Your data will be transferred to recipients in third countries. For data transfers to the USA, there is an adequacy decision by the EU Commission with regard to companies certified under the EU-U.S. Data Privacy Framework. Google UMP LLC is certified under the EU-U.S. Data Privacy Framework.
Additional information on this and further links can be found above in the section “General information on data transfers to third countries.”
Storage period
Description of data processing and purpose
● our platform and apps function in a stable, efficient, and secure manner.
● Hardware and software problems can be identified and resolved,
● Identify user needs and obstacles in the operation and further development of the platform
To this end, regular
● USER ID
● IP address of the requesting entity (router or mobile device), as well as data
● on the devices used, operating systems and app versions and installation sources,
● location of use,
● time of use, duration of use, and the scrolling and clicking behavior of users
● to pages and functions accessed in the apps, such as posting, replying to posts, and participating in polls
● on any software and hardware errors that may have occurred and their causes
observed, analyzed, evaluated, and statistically processed for us by the service providers and software solutions used.
In the course of processing, the data is pseudonymized and aggregated (i.e., the data of a large number of users is combined in such a way that it is no longer possible to identify individual persons) or anonymized by removing the pseudonyms (e.g., by deleting or shortening IP addresses or deleting the user ID) to protect users, provided that the raw data is no longer required.
The purpose of data processing and our legitimate interest lie in ensuring the stable and secure operation of our platform and our apps within the scope of the user relationship, and in being able to further develop them in accordance with the technical requirements for hardware and the requirements of the providers of operating systems for mobile devices, as well as in accordance with the needs and wishes of users.
Legal basis for data processing
Data processing is carried out in accordance with Art. 6 (1) (b) GDPR or in accordance with Art. 6 (1) (f) GDPR in our aforementioned legitimate interest.
Recipients
In the context of data processing, your data will be transferred to the following categories of recipients or recipients that we use in the context of data processing to achieve the aforementioned purposes:
● Software service providers who provide us with solutions for monitoring and analyzing data sets,
● Software service providers who provide us with solutions for internal and external communication, for creating and editing documents, and for managing databases.
● IT support and administration service providers. These are in particular the following recipients:
● Blaze Analytics GmbH (LU35935057), 23 Boulevard Friedrich Wilhelm Raiffeisen, 2411 Luxembourg, Luxembourg
● Functional Software, Inc. (Sentry.io), 45 Fremont St., 8th Floor, San Francisco, California
94105, USA,
● Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
● Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA,
● Branch Metrics, Inc., 1975 W. El Camino Real, Suite 102, Mountain View, California
94040, USA
● Metabase, Inc., 9740 Campo Rd. Suite 1029, Spring Valley, California 91977, USA.
Data processing in third countries
Your data will be transferred to recipients in third countries. For data transfers to the USA, there is an adequacy decision by the EU Commission with regard to companies certified under the EU-U.S. Data Privacy Framework. Sentry.io (Functional Software Inc.), Branch Metrics, Inc. and Google LLC are certified under the EU-U.S. Data Privacy Framework.
For data transfers to the USA where the recipients are not certified under the EU-U.S. Data Privacy Framework, there is no adequacy decision by the EU Commission. Therefore, standard data protection clauses are concluded and further measures are taken to ensure an adequate level of data protection.
Additional information on this and further links can be found above in the section “General information on data transfers to third countries.”
Storage period
We store your data for as long as is necessary to achieve the aforementioned purpose or for as long as you have not objected to data processing. We then delete your data unless data processing is still permitted on the basis of another legal basis or is mandatory for us (e.g., in the case of statutory retention obligations).
Description of data processing and purpose
We monitor the use of our platform to ensure that it is not used by bots. Bots are automated programs that pretend to be human users. Once we have identified a user account as a potential bot, it is reviewed again by an employee and then blocked if necessary.
When searching for unauthorized use by bots, we check user behavior for anomalies. In particular, the following data is processed:
● Jodel profile data
● User ID (individual Jodel user ID)
● Registration date
● IP address
● Location data
● Karma points
● Device and app data
iOS devices:
● Device UID (=Unique device identifier)
● Device type and operating system data (device model and iOS version),
● Android devices:
● Android Advertising ID
● Digital rights management ID (DRM ID)
● Device type and operating system data (device model and Android version),
Device language
App version
● App usage data
● App sessions (number)
● Time of last app use,
● user activities including content data
The purpose of data processing and our legitimate interest is to prevent and stop the spread of spam and misinformation on our platform and to prevent abusive behavior that could harm our users in the future.
Legal basis for data processing
Data processing is carried out in accordance with Art. 6 (1) (f) GDPR in our aforementioned legitimate interest or in the aforementioned legitimate interest of the data subject or a third party.
Recipients
In the context of data processing, your data will be transferred to the following categories of recipients or recipients that we use in the context of data processing to achieve the aforementioned purposes:
● Software service providers who provide us with solutions and whom we use in the context of data processing to achieve the aforementioned purposes
● Hosting and database service providers,
● Software service providers who provide us with solutions for internal and external
communication, for creating and editing documents, and for managing databases,
● IT support and administration service providers.
These are in particular the following recipients:
● Amazon Web Services EMEA SARL 28, Avenue John F. Kennedy, L 1855 Luxembourg, Luxembourg,
● Amazon Web Services, Inc., 2021 7th Ave, Seattle, Washington 98121, USA,
● MongoDB, Inc. MongoDB, Inc., 1633 Broadway FL 38, New York, New York 10019, USA,
● Slack Technologies Limited, Salesforce Tower 60 R801, North Dock, Dublin, Ireland,
● Slack Technologies LLC, 415 Mission St, 3rd Floor, San Francisco, CA 94105, USA,
● Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland,
● Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA.
Data processing in third countries
Your data will be transferred to recipients in third countries. For data transfers to the USA, there is an adequacy decision by the EU Commission with regard to companies certified under the EU-U.S. Data Privacy Framework. Slack Technologies LLC (via Salesforce), Google LLC, Amazon Web Services, Inc. and MongoDB, Inc. are certified under the EU-U.S. Data Privacy Framework.
Additional information on this and further links can be found above in the section “General information on data transfers to third countries.”
Storage period
We process the collected data for as long as is necessary to achieve the stated purposes.
Description of data processing and purpose
Users can contact our customer service via the app or by email, e.g., to answer general inquiries, to resolve technical problems when using the app, to receive reports of violations of the terms of use and community standards, and to process data protection requests.
When contacting our support team, personal data may be processed that is necessary for handling the inquiry and that you provide to us in the context of your inquiry. This includes, in particular
● Jodel profile data
● User ID (individual Jodel user ID)
● Registration date
● IP address
● Location data
● Karma points
● Device and app data
iOS devices:
● Device UID (=Unique device identifier)
● Device type and operating system data (device model and iOS version),
● Android devices:
● Android Advertising ID
● Digital rights management ID (DRM ID)
● Device type and operating system data (device model and Android version),
Device language
App version
● App usage data
● App sessions (number)
● Time of last app use,
● Activation of push notifications,
● Data on contacting our support team:
● Time of last contact,
● Response time,
● time of receipt,
● Email address, if applicable,
● user activities including content data, and
● other data, if applicable, that you provide to us in connection with your inquiry and its
processing.
The purpose and our legitimate interest in data processing is to be able to effectively process and handle your request to our support team and to implement related measures.
Legal basis for data processing
Data processing is carried out in accordance with Art. 6 (1) (b) GDPR for the fulfillment of the user relationship and Art. 6 (1) (f) GDPR in our legitimate interest or in the interest of the user.
Recipients
In the context of data processing, your data will be transferred to the following categories of recipients or recipients that we use in the context of data processing to achieve the aforementioned purposes:
● Hosting and database service providers,
● Software service providers who provide us with solutions for internal and external communication, for creating and editing documents, and for managing databases,
● IT support and administration service providers.
These are in particular the following recipients:
● Intercom Inc., 55 2nd Street, Suite 400, San Francisco, California 94105, USA,
● Slack Technologies Limited, Salesforce Tower 60 R801, North Dock, Dublin, Ireland,
● Slack Technologies LLC, 415 Mission St, 3rd Floor, San Francisco, CA 94105, USA,
● Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland,
● Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA.
Use of artificial intelligence
Intercom
Artificial intelligence is used in the processing of your data.
The AI services “Intercom Fin AI Agent” and “” from Intercom Inc., 55 2nd Street, Suite 400,
San Francisco, California 94105, USA, are used.
Intercom Fin AI Agent is a chatbot that enables us to efficiently handle user requests by
understanding and answering questions and solving problems independently.
Intercom Copilot is an assistant that helps our support staff draft responses, summarize inquiries, and provide information quickly.
The purpose of data processing using AI and our legitimate interest is to be able to efficiently handle communication with users regarding support requests.
Data processing using AI is carried out in accordance with Art. 6 (1) (f) GDPR in our aforementioned legitimate interest.
The recipients of your data in the context of data processing using AI are
● Intercom Inc., 55 2nd Street, Suite 400, San Francisco, California 94105, USA, Additional information on this and further links can be found above in the section “General
information on the use of artificial intelligence.” Data processing in third countries
Your data will be transferred to recipients in third countries. For data transfers to the USA, there is an adequacy decision by the EU Commission with regard to companies certified under the EU-U.S. Data Privacy Framework. Intercom Inc., Slack Technologies LLC (via Salesforce), and Google LLC are certified under the EU-U.S. Data Privacy Framework.
Additional information on this and further links can be found above in the section “General information on data transfers to third countries.”
Storage period
We store your data for as long as is necessary to achieve the aforementioned purpose or for as long as you have not objected to the data processing. We then delete your data unless data processing is still permitted on another legal basis or is mandatory for us (e.g., in the case of statutory retention obligations).
Description of data processing and purpose
If you give us a declaration of consent, we process your personal data about the circumstances and time of the declaration in order to be able to prove, within the scope of our accountability
under Art. 5 (2f) GDPR, that you have consented to the data processing in question. The same applies to the revocation of your consent.
If you exercise your rights as a data subject under the GDPR, we will also process your personal data in order to be able to demonstrate, within the scope of our accountability under Art. 5 (2f) GDPR, that we have complied with the GDPR when processing your request.
Legal basis for data processing
Processing is carried out on the basis of Art. 6 (1) (c) GDPR in conjunction with Art. 5 (2) (f) GDPR or Art. 6 (1) (f) GDPR. Our legitimate interest lies in being able to document compliance with the requirements of the GDPR within the scope of our accountability.
Recipients
In the context of data processing, your data will be transferred to the following categories of recipients or recipients that we use in the context of data processing to achieve the aforementioned purposes:
● External data protection officers,
● Data protection supervisory authorities,
● Service providers who support us in complying with data protection regulations,
● Software service providers who provide us with solutions for internal and external
communication, for creating and editing documents, and for managing databases.
These are in particular the following recipients:
● Proliance GmbH, Leopoldstr. 21, 80802 Munich, Germany.
● Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland,
● Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA.
Data processing in third countries
Your data will be transferred to recipients in third countries. For data transfers to the USA, there is an adequacy decision by the EU Commission with regard to companies certified under the EU-U.S. Data Privacy Framework. Google LLC is certified under the EU-U.S. Data Privacy Framework.
Additional information on this and further links can be found above in the section “General information on data transfers to third countries.”
Storage period
We store your data for as long as is necessary to achieve the aforementioned purpose. We regularly store data relating to consent given until the end of the third year after the end of the year in which we last made use of it. Data that we process in connection with the implementation of data subject rights is regularly stored for a period of three years from the end of the year in which you exercised your data subject rights.
We then delete your data unless data processing, possibly also in other systems, is still permitted on another legal basis or is mandatory for us (e.g., in the case of statutory retention obligations).
Further information on data processing can be found below in the section “Data protection information for data processing to comply with data protection regulations.”
Description of data processing and purpose
We monitor compliance with our Terms of Use and Community Standards by Jodel users. In this context, moderators from the Jodel community and we ourselves may review the activities of users on our platform, investigate possible violations, and prevent them after receiving reports from users, moderators, or external third parties, or if we otherwise detect any irregularities.
To this end, we process all data relevant to the handling, investigation, prevention, and, if necessary, sanctioning of the violation in individual cases, in particular
● Jodel profile data
● User ID (individual Jodel user ID)
● Registration date
● IP address
● Location data
● Karma points
● Device data
● App usage data,
● Karma
● User activities, including content data and
● Data relating to contacting our support team, if applicable
● User activities, including content data, and
● data on possible or confirmed violations of the terms of use.
The purpose and our legitimate interest in data processing is to effectively enforce our Terms of Use and Community Standards for all users, to protect other users from violations and harm, and to effectively sanction users who violate the Terms of Use.
Legal basis for data processing
Data processing is carried out in accordance with Art. 6 (1) (b) GDPR for the fulfillment of the user relationship and Art. 6 (1) (f) GDPR in our legitimate interest.
Recipients
As part of data processing, your data will be transferred to the following categories of recipients or recipients that we use in the context of data processing to achieve the aforementioned purposes:
● Jodel moderators,
● Hosting and database service providers,
● Service providers who provide us with solutions for screening and moderating content, in particular image and video material,
● Software service providers who provide us with solutions for internal and external communication, for creating and editing documents, and for managing databases,
● IT support and administration service providers. These recipients include, in particular:
● Amazon Web Services EMEA SARL 28, Avenue John F. Kennedy, L 1855 Luxembourg, Luxembourg,
● Amazon Web Services, Inc., 2021 7th Ave, Seattle, Washington 98121, USA,
● MongoDB, Inc. MongoDB, Inc., 1633 Broadway FL 38, New York, New York 10019, USA,
● araCreate GmbH, Hubertusstraße 5, 12163 Berlin, Germany,
● Intercom Inc., 55 2nd Street, Suite 400, San Francisco, California 94105, USA,
● Slack Technologies Limited, Salesforce Tower 60 R801, North Dock, Dublin, Ireland,
● Slack Technologies LLC, 415 Mission St, 3rd Floor, San Francisco, CA 94105, USA,
● Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland,
● Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA.
Use of artificial intelligence
Artificial intelligence is used in the processing of your data.
AWS Rekognition
The AI service “AWS Rekognition” from Amazon Web Services EMEA SARL 28, Avenue John F. Kennedy, L 1855 Luxembourg, Luxembourg, is used.
The aforementioned provider is the authorized EU representative of Amazon Web Services, Inc., P.O. Box 81226, Seattle, WA 98108-1226, USA.
The AI service enables us to use AI to check image and video recordings for content that does not comply with the terms of use. This allows us to immediately identify clearly inadmissible recordings and take appropriate action, as well as filter unclear content and forward it to the relevant moderators for review before publication.
The purpose of data processing using AI and our legitimate interest lie in being able to ensure, in an efficient and effective manner, that the Terms of Use of our platform are complied with.
Data processing using AI is carried out in accordance with Art. 6 (1) (f) GDPR in our aforementioned legitimate interest.
Recipients of your data in the context of data processing using AI are
● Amazon Web Services EMEA SARL 28, Avenue John F. Kennedy, L 1855 Luxembourg, Luxembourg,
● Amazon Web Services, Inc., 2021 7th Ave, Seattle, Washington 98121, USA,
Additional information on this topic and further links can be found above in the section “General information on the use of artificial intelligence.”
Intercom AI
Artificial intelligence is used in the processing of your data.
The AI services “Intercom Fin AI Agent” and “” from Intercom Inc., 55 2nd Street, Suite 400,
San Francisco, California 94105, USA, are used .
Intercom Fin AI Agent is a chatbot that enables us to efficiently handle user requests by
understanding and answering questions and solving problems independently.
The “Intercom Copilot” is an assistant that helps our support staff draft responses, summarize inquiries, and provide information quickly.
The purpose of data processing using AI and our legitimate interest lie in being able to efficiently handle communication with users regarding possible violations of our platform’s terms of use.
Data processing using AI is carried out in accordance with Art. 6 (1) (f) GDPR in our aforementioned legitimate interest.
Recipients of your data in the context of data processing using AI are
● Intercom Inc., 55 2nd Street, Suite 400, San Francisco, California 94105, USA, Additional information on this and further links can be found above in the section “General
information on the use of artificial intelligence.” Data processing in third countries
Your data will be transferred to recipients in third countries. For data transfers to the USA, there is an adequacy decision by the EU Commission with regard to companies certified under the EU-U.S. Data Privacy Framework. Intercom Inc., Slack Technologies LLC (via Salesforce), Google LLC, Amazon Web Services, Inc., and MongoDB, Inc. are certified under the EU-U.S. Data Privacy Framework.
Additional information on this and further links can be found above in the section “General information on data transfers to third countries.”
Storage period
We store your data for as long as is necessary to achieve the aforementioned purpose or for as long as you have not objected to the data processing. We then delete your data unless data processing is still permitted on another legal basis or is mandatory for us (e.g., in the case of statutory retention obligations).
Description of data processing and purpose
Users who violate our Terms of Use and Community Standards may be sanctioned. The sanction consists of a short-term or longer-term exclusion from the use of our app (blocking or so-called ban).
When deciding on a short-term or long-term block, notifying the user of this block, enforcing it, and, if necessary, deciding on its removal, we process the following data in particular:
● User ID
● App language
● For iOS devices: Universally Unique Identifier (UUID), Device Unique Identifier (Device-
UID)
● For Android devices: Android Advertising ID, Digital Rights Management ID (DRM ID)
● Blocking status
● Type of block,
● Reasons for the lock, including user activities and content data,
● Duration of the block,
● Moderator status, if applicable
● Status of a previous observation, if applicable Legal basis for data processing,
● Data on the purchase of the end device, if applicable.
The purpose and our legitimate interest in data processing is to effectively enforce and sanction our Terms of Use and Community Standards for all users.
Legal basis for data processing
Data processing is carried out in accordance with Art. 6 (1) (b) GDPR for the fulfillment of the user relationship and Art. 6 (1) (f) GDPR in our legitimate interest.
Recipients
As part of data processing, your data will be transferred to the following categories of recipients or recipients that we use in the context of data processing to achieve the aforementioned purposes:
● Jodel moderators,
● Hosting and database service providers,
● Software service providers who provide us with solutions for internal and external
communication, for creating and editing documents, and for managing databases,
● IT support and administration service providers.
These are in particular the following recipients:
● Amazon Web Services EMEA SARL 28, Avenue John F. Kennedy, L 1855 Luxembourg, Luxembourg,
● Amazon Web Services, Inc., 2021 7th Ave, Seattle, Washington 98121, USA,
● MongoDB, Inc. MongoDB, Inc., 1633 Broadway FL 38, New York, New York 10019, USA.
● Intercom Inc., 55 2nd Street, Suite 400, San Francisco, California 94105, USA,
● Slack Technologies Limited, Salesforce Tower 60 R801, North Dock, Dublin, Ireland,
● Slack Technologies LLC, 415 Mission St, 3rd Floor, San Francisco, CA 94105, USA,
● Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland,
● Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA.
Data processing in third countries
Your data will be transferred to recipients in third countries. For data transfers to the US, there is an adequacy decision by the EU Commission with regard to companies certified under the EU-US Data Privacy Framework. Intercom Inc., Slack Technologies LLC (via Salesforce), Google LLC, Amazon Web Services, Inc., and MongoDB, Inc. are certified under the EU-U.S. Data Privacy Framework.
Additional information on this and further links can be found above in the section “General information on data transfers to third countries.”
Storage period
We store your data for as long as is necessary to achieve the aforementioned purpose or for as long as you have not objected to the data processing. We then delete your data unless data processing is still permitted on another legal basis or is mandatory for us (e.g., in the case of statutory retention obligations).
Description of data processing and purpose
In individual cases, we may be required by law or court order in certain countries to disclose personal data to affected persons, investigative authorities, courts, lawyers, or parties to a legal dispute.
Such legal regulations may include, in particular, data protection standards (e.g., within the scope of the right to information under Art. 15 GDPR) or standards of the respective civil or criminal procedure law to which we are subject as a responsible company.
The purpose of data processing is to enable us to fulfill our respective legal obligations.
Legal basis for data processing
Data processing is carried out in accordance with Art. 6 (1) (c) GDPR in conjunction with the respective legal norm, in particular Art. 15 GDPR and civil and criminal procedural law standards, in order to fulfill our legal obligations.
Recipients
In the context of data processing, your data will be transferred to the following categories of recipients or recipients that we use in the context of data processing to achieve the aforementioned purposes:
● Data subjects exercising their rights under Art. 15 GDPR
● Investigative authorities,
● Courts
● Lawyers,
● Parties to a legal dispute.
Data processing in third countries
Your data may also be processed in countries outside the European Union (EU) and the European Economic Area (EEA) in third countries.
When your data is transferred to recipients in third countries for which no adequacy decision exists, there is a risk that local authorities may access your data for security and surveillance purposes without you being informed or being able to seek legal redress.
If there is neither an adequacy decision by the EU Commission for the third country nor standard contractual clauses have been concluded with the recipient, data will be transferred in individual cases as an exception
● in accordance with Art. 49 (1) (e) GDPR, insofar as the data transfer is necessary for the assertion, exercise, or defense of legal claims.
Storage period
We store your data for as long as is necessary to achieve the aforementioned purpose or for as long as you have not objected to the data processing. We then delete your data unless data processing is still permitted on another legal basis or is mandatory for us (e.g., in the case of statutory retention obligations).
Description of data processing and purpose
We do not regularly disclose data without an express legal obligation or a court order.
However, in certain individual cases, we may disclose data even without a corresponding obligation or order. These are special individual cases in which either
● there is a significant risk to the health or life of a user or a third party,
● it concerns the prevention or investigation of extremely serious crimes, or
● the disclosure is necessary to protect the legitimate interests and rights of third parties
and the interests of the user concerned do not outweigh these interests.
The purpose of data processing and our legitimate interest lie in protecting users and third parties from significant risks to health and life, preventing or investigating extremely serious crimes, and safeguarding the legitimate interests and rights of third parties.
Legal basis for data processing
Data processing is carried out in accordance with Art. 6 (1) (f) GDPR in our aforementioned legitimate interest or in the aforementioned legitimate interest of the data subject or a third party.
Recipients
In the context of data processing, your data will be transferred to the following categories of recipients or recipients that we use in the context of data processing to achieve the aforementioned purposes:
● Users, third parties, or, where applicable, their relatives
● Authorities for hazard prevention, in particular police and investigative authorities
● lawyers,
● courts.
Data processing in third countries
Your data may also be processed in countries outside the European Union (EU) and the European Economic Area (EEA) in third countries.
When your data is transferred to recipients in third countries for which no adequacy decision exists, there is a risk that local authorities may access your data for security and surveillance purposes without you being informed or being able to seek legal redress.
If there is neither an adequacy decision by the EU Commission for the third country nor standard contractual clauses have been concluded with the recipient, data transfer will take place in individual cases as an exception
● in accordance with Art. 49 (1) (e) GDPR, insofar as the data transfer is necessary for the establishment, exercise, or defense of legal claims, or
● in accordance with Art. 49 (1) (f) GDPR, insofar as the transfer is necessary to protect the vital interests of the data subject or other persons, provided that the data subject is physically or legally incapable of giving their consent.
Storage period
We store your data for as long as is necessary to achieve the aforementioned purpose or for as long as you have not objected to the data processing. We then delete your data unless data processing is still permitted on another legal basis or is mandatory for us (e.g., in the case of statutory retention obligations).
We store your data for as long as is necessary to achieve the aforementioned purpose or for as long as you have not objected to data processing. We then delete your data unless data processing is still permitted on the basis of another legal basis or is mandatory for us (e.g., in the case of statutory retention obligations).
Description of data processing and purpose
We process your personal data if it is necessary for the establishment, execution, and fulfillment of a contract, as well as for the implementation of pre-contractual measures.
We only process data that is related to the establishment of the contract or pre-contractual measures. This may include general data about you or persons in your company (name, address, contact details, etc.) as well as any other data that you provide to us in the course of establishing the contract.
Legal basis for data processing
Insofar as personal data is required for the initiation or execution of a contractual relationship or in the context of the implementation of pre-contractual measures, processing is lawful in accordance with Art. 6 (1) (b) GDPR.
Sources
We process personal data that we receive from you by mail, telephone, or email via forms on our website or via one of our social media profiles in the context of establishing contact or a contractual relationship or in the context of pre-contractual measures.
Recipients
In the context of data processing, your data will be transferred to the following categories of recipients or recipients that we use in the context of data processing to achieve the aforementioned purposes:
● Software service providers who provide us with solutions for internal and external communication, for creating and editing documents, and for managing databases
● External tax advisor
● Public authorities and institutions (e.g., public prosecutor’s office, police, supervisory
authorities, tax office) in the event of a legal or official obligation
● Recipients to whom the transfer is directly necessary for the establishment or fulfillment of
a contract
● Other data recipients, provided you have given us your consent to the transfer of data.
These recipients include, in particular:
● Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland,
● Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA.
Data processing in third countries
Your data will be transferred to recipients in third countries. For data transfers to the USA, there is an adequacy decision by the EU Commission with regard to companies certified under
the EU-U.S. Data Privacy Framework. Google LLC is certified under the EU-U.S. Data Privacy Framework.
Additional information on this and further links can be found above in the section “General information on data transfers to third countries.”
Storage period
Where necessary, we process and store your personal data for the duration of our business relationship or for the fulfillment of contractual purposes. This also includes the initiation and execution of a contract.
In addition, we are subject to various storage and documentation obligations, which arise, among other things, from the German Commercial Code (HGB) and the German Fiscal Code (AO). The periods for storage and documentation prescribed therein are two to ten years. If other, longer periods apply to us in your country in accordance with the relevant legal provisions, these will be used as a basis.
Finally, the storage period is also based on the statutory limitation periods, which, for example, according to §§ 195 ff. of the German Civil Code (BGB), are generally three years, but in certain cases can also be up to thirty years, or according to the statutory limitation periods applicable in your country.
Necessity of providing personal data
The provision of personal data for the decision to conclude a contract, the fulfillment of the contract, or the implementation of pre-contractual measures is voluntary. However, we can only make a decision within the framework of contractual measures if you provide the personal data necessary for the conclusion of the contract, the fulfillment of the contract, or pre-contractual measures.
Description of data processing and purpose
We manage customer and prospect data. This includes data from existing or potential customers, business partners, or local contacts for advertising purposes.
Legal basis for data processing
The legal basis for data management is Art. 6 (1) (f) GDPR or Art. 6 (1) (a) GDPR, depending on which of the two legal bases we use to justify the respective advertising communication by email, telephone, or post. Further information on this can be found in this section of the privacy policy.
Recipients
In the context of data processing, your data will be transferred to the following categories of recipients or recipients that we use in the context of data processing to achieve the aforementioned purposes:
● Software service providers who provide us with solutions for managing customer data,
● IT support and administration service providers.
These are in particular the following recipients:
● Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland,
● Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA.
Data processing in third countries
Your data will be transferred to recipients in third countries. For data transfers to the USA, there is an adequacy decision by the EU Commission with regard to companies certified under the EU-U.S. Data Privacy Framework. Google LLC is certified under the EU-U.S. Data Privacy Framework.
Additional information on this and further links can be found above in the section “General information on data transfers to third countries.”
Storage period
We store your data for as long as is necessary to achieve the aforementioned purpose, as long as you have not objected to the data processing or revoked your consent. We will then delete your data unless data processing is still permitted on another legal basis or is mandatory for us (e.g., in the case of statutory retention obligations).
Description of data processing and purpose
We process data collected from you as a prospective customer, e.g., via forms on our website, as well as data collected from you as a customer or employee of an customer in the context of pre-contractual measures or in the context of contract fulfillment, in order to find out which of our products, goods, services, events, and offers, or which of our cooperation partners prospective customers and customers are interested in, how we can improve these if necessary, and how we can optimize our advertising measures. In order to be able to address prospective customers in a more targeted manner, we use the data to form so-called target groups. Your information from customer satisfaction surveys conducted by us may also be included in the analysis and evaluation.
For this purpose, we may collect your information and data about
● your company (e.g., size, industry)
● your position in the company,
● your country,
● your areas of interest or product categories,
● as well as the referral source, i.e., information about how you became aware of our company.
Legal basis for data processing
The legal basis for the processing of your data is Art. 6 (1) (f) GDPR. Our legitimate interests lie in further developing our products and services in line with market requirements, as well as better understanding the needs and interests of our customers and potential customers, and enabling target group-oriented direct advertising on this basis.
Recipients
In the context of data processing, your data will be transferred to the following categories of recipients or recipients that we use in the context of data processing to achieve the aforementioned purposes:
● Service providers and software service providers who provide us with solutions for analyzing customer and prospect data and for conducting market research and customer satisfaction surveys
● Software service providers who provide us with solutions for internal and external communication, for creating and editing documents, and for managing databases.
● IT support and administration service providers. These recipients include, in particular:
● Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
● Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA.
Data processing in third countries
Your data will be transferred to recipients in third countries. For data transfers to the USA, there is an adequacy decision by the EU Commission with regard to companies with certification under the EU-U.S. Data Privacy Framework. Google LLC is certified under the EU- U.S. Data Privacy Framework.
Additional information on this and further links can be found above in the section “General information on data transfers to third countries.”
Storage period
We store your data for as long as is necessary to achieve the aforementioned purpose or for as long as you have not objected to the data processing. We then delete your data unless data processing is still permitted on another legal basis or is mandatory for us (e.g., in the case of statutory retention obligations).
For data protection information for applicants, please use the following link:
https://jodel.jobs.personio.de/privacy-policy?language=de
Below you will find information on how we handle your data that is collected through your use of our social media profiles on social networks and platforms.
We maintain profiles, appearances, pages, or fan pages on the following social media platforms:
https://de.linkedin.com/company/jodel-app
https://www.facebook.com/Jodel
https://www.instagram.com/jodelapp
https://www.instagram.com/jodelbelarabi
https://www.instagram.com/jodelitalia
https://www.instagram.com/jodel.en
https://www.instagram.com/jodelfrancais
https://www.instagram.com/yodelespana
https://www.instagram.com/jodel_usa
Threads
https://www.threads.com/@jodelapp
TikTok
https://www.tiktok.com/@jodelapp
X
https://x.com/jodelapp
Depending on how the platform operators and we as site operators are involved in the processing of your personal data, the respective responsibility or role differs.
We may either be jointly responsible with the platform operator, or the platform operator may be solely responsible.
There is joint responsibility between us and the following platform operators:
LinkedIn – LinkedIn Ireland Unlimited Company, Wilton Plaza, Gardner House 4,5,6, Dublin 2, Irland
Facebook – Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Irland
As the site operator, we are jointly responsible with the providers of the respective platforms for the processing of your personal data in connection with your visit to the site, profile, page, or fan page on the platforms if the platform operators provide aggregated information about visitors to our profiles, sites, pages, or fan pages (e.g., so-called “insights” or “analytics”).
In the case of joint responsibility, we have concluded agreements with the platform operators in accordance with Art. 26 GDPR on joint responsibility for the processing of your personal data (e.g., Page Controller Addendum or Joint Controller Addendum).
This agreement specifies which data processing operations we or the respective platform operator are responsible for. You can view these agreements at the following links:
LinkedIn – https://legal.linkedin.com/pages-joint-controller-addendum
Facebook – https://www.facebook.com/legal/terms/page_controller_addendum
Further information on data processing by the platform operators can be found in their privacy policies:
LinkedIn – https://www.linkedin.com/legal/privacy-policy
Facebook – https://de-de.facebook.com/privacy/policy
You can contact the data protection officers of the platform operators here:
To contact the data protection officer at LinkedIn, you can use the contact form at the following link: https://www.linkedin.com/help/linkedin/ask/TSO-DPO.
To contact the data protection officer at LinkedIn, you can use the contact form at the following link: https://www.facebook.com/help/contact/540977946302970.
When you access our profiles on the aforementioned platforms, cookies and similar technologies are used by the platform operator on your terminal device to store data on your terminal device or to read data from it. This access or storage may involve further processing of personal data within the meaning of the GDPR.
In cases where such access to or storage of information is absolutely necessary for the technically error-free provision of the services, this is done on the basis of consent, which may be required by law in your country. Any subsequent data processing is carried out on the basis of Art. 6 (1) (f) GDPR.
In cases where such a process serves other purposes (e.g., the needs-based design of our website), this is done on the basis of consent to the use of cookies and similar technologies, as may be required by law in your country. Follow-up data processing may be carried out on the basis of Art. 6 (1) (a) GDPR.
Consent can be revoked at any time for the future. The provisions of the GDPR apply to the processing of your personal data.
Further information on the use of cookies and similar technologies and their legal basis can be found in the respective privacy policy of the platform operator. Links to the respective privacy policies can be found above. If you have any further questions on this subject, please contact the operator of the respective social media platform directly.
As a rule, personal data on our social media profile is primarily processed for market research and advertising purposes by the platform operator. Insofar as data collection also takes place directly on our social media profile, we participate in the data processing of the platform operator and are therefore jointly responsible with them in this respect.
Cookies and similar technologies are used in data processing, which enable the platform operator to recognize you when you visit a social media profile. In addition, for members of the social media platform, the platform operator conducts a comprehensive evaluation of your interactions on the platform (clicks, comments, and likes) and processes the information you have provided to the platform operator, such as your master data, profile picture, or name. In particular, demographic information (age, gender, country, industry, occupation, etc.) from your own member profile may also be processed.
The collected data can be used to create usage profiles. These are then used by the platform operator to place advertisements within and outside the platform that are presumed to correspond to your interests.
Although we do not have direct access to the data processed by the platform operator, we also benefit from this data processing by placing appropriate advertisements within or outside the platforms based on the target groups identified by the platform operator.
The legal basis for the processing of your personal data in this regard is your consent given to the platform operator in accordance with Art. 6 (1) (a) GDPR.
Please note that we have no influence on the data collection and further processing carried out under the responsibility of the platform operators. As a result, we cannot provide any information on the extent, location, and duration of the data storage by the platform operator.
Further information on this can be found in the data protection information of the respective provider.
In addition, your data is processed jointly in connection with so-called “Page Insights” or “Page Analytics.”
“Page Insights” or “Page Analytics” are analysis functions provided by the platform operator, which are used to jointly collect the master data processed by you, in particular demographic data and data on your interactions with our profile, by the platform operator and us.
The platform operator then analyzes this data and creates summarized data (so-called aggregated data) for us, from which we can identify which demographic target group has visited our profile and how our profile was used by this group.
We also have no direct access to the data processed by the platform operator. This data is only made available to us by the platform operator in aggregated form. This means that we cannot recognize individual visitors or their interactions from the summarized data.
We then use this aggregated data to tailor our social media profile to the target group and, in general, to optimize it in relation to the aforementioned advertising purposes (increasing the reach and awareness of our profile and evaluating the success of marketing campaigns).
The legal basis for the processing of your personal data in this regard is your consent given to the platform operator in accordance with Art. 6 (1) (a) GDPR.
Please note that we have no influence on the data collection and further processing carried out by the platform operators. As a result, we cannot provide any information about the extent, location, and duration of data storage by the platform operator.
Further information on this can be found in the data protection information of the respective provider.
If you are asked by the respective platform operator for consent to processing for a specific, common purpose, the legal basis for processing is Art. 6 (1) lit. a, Art. 7 GDPR. Consent that has been given can be revoked at any time with effect for the future.
If we pass on personal data to the operators of social media platforms, the latter are recipients of the data within the meaning of Art. 4 No. 9 GDPR.
LinkedIn Ireland Unlimited Company, Wilton Plaza, Gardner House 4,5,6, Dublin 2, Irland
LinkedIn Corp., 1000 W. Maude Ave, Sunnyvale, CA 94085, USA
Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Irland Meta Platforms, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA
When you visit our social media profiles, your data may also be processed in countries outside the European Union (EU) and the European Economic Area (EEA), in particular in the USA.
For data transfers to the USA, there is an adequacy decision by the EU Commission pursuant to Art. 45 (1) GDPR with regard to companies certified under the EU-U.S. Data Privacy Framework, which can be viewed at the following link: Data protection adequacy for non-EU countries.
LinkedIn Corp. is certified under the EU-U.S. Data Privacy Framework and is therefore committed to complying with appropriate data protection standards, which can be viewed at the following link: Participant Search (dataprivacyframework.gov)
Meta Platforms, Inc.
Meta Platforms, Inc. is certified under the EU-U.S. Data Privacy Framework and is therefore committed to complying with appropriate data protection standards, which can be viewed at the following link: Participant Search (dataprivacyframework.gov).
When your data is transferred to recipients in third countries for which no adequacy decision exists, there is a risk that local authorities may access your data for security and surveillance purposes without you being informed or being able to seek legal redress.
To ensure an adequate level of data protection when transferring your data to recipients in such third countries, standard data protection clauses of the European Commission pursuant
to Art. 46 (2) lit. c GDPR are concluded. They oblige the recipient of the data to process it in accordance with the European level of protection.
If the standard data protection clauses are not sufficient to guarantee the level of protection, additional technical, contractual, or organizational measures will be taken to secure the data transfer. In addition, regular reviews and assessments will be carried out to determine whether these additional measures continue to guarantee an adequate level of data protection or whether further supplementary measures need to be taken.
If you, as a visitor to the site, wish to exercise your rights (information, correction, deletion, restriction, data portability, complaint to the supervisory authority, objection or revocation), you can contact both the platform operator and us.
You can use the LinkedIn settings to restrict the visibility of your LinkedIn account (also) to us.
For more information on exercising your rights, please refer to LinkedIn’s privacy policy at the following link: https://www.linkedin.com/legal/privacy-policy
You can use your Facebook settings to restrict the visibility of your Facebook account (also) to us. You can also adjust your advertising settings yourself in your platform account. To do this, click on the following link and log in: https://www.facebook.com/settings?tab=ads.
For more information on exercising your rights, please refer to LinkedIn’s privacy policy at the following link: https://www.facebook.com/about/privacy.
If your personal data is processed by one of the social media platform operators listed below, this processing is carried out under the responsibility of the platform operator within the meaning of Art. 7 No. 4 GDPR.
Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Irland
Threads
Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Irland
TikTok
TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Irland
X
Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Irland
We have no influence on data processing by platform operators. For further information, please check the privacy policy of the respective platform operator:
Instagram, Threads & X:
http://instagram.com/about/legal/privacy
https://x.com/de/privacy
To exercise your rights as a data subject, please note that these can be most effectively exercised with the respective providers. Only they have access to the data they have collected from you. However, if you need assistance, please feel free to contact us at any time.
We are solely responsible for the following data processing via our social media profiles.
When you visit or interact with our social media profile, we process your personal data.
This may include information that you actively provide (comments, likes, and information you make publicly available, such as your profile picture or name). Depending on the provider and your settings on the provider’s platform, we may also be informed about who has accessed our profile within the platform.
The legal basis for the processing of personal data when operating our social media profile is Art. 6 (1) (f) GDPR.
The legitimate interest lies in addressing visitors for advertising purposes and in providing an effective means of communication and interaction with our company on the social media platform.
We collect personal data ourselves when you contact us, for example, via a contact form or a messenger function on the respective platform.
The data collected depends on the information you provide and the contact details you specify or share. This data is stored by us for the purpose of processing your inquiry and in case of follow-up questions.
The legal basis for processing the data is our legitimate interest in responding to your request in accordance with Art. 6 (1) (f) GDPR.
Your data will be deleted after your request has been processed, provided that there are no legal retention obligations to the contrary. We assume that the matter has been conclusively processed if it can be inferred from the circumstances that the matter in question has been conclusively clarified.
If you contact us via a social network or other platform with the aim of concluding a contract for the delivery of goods or the provision of services with us, we will process your data for the purpose of fulfilling the contract or carrying out pre-contractual measures or providing the desired services.
In this case, the legal basis for the processing of your data is Art. 6 (1) (b) GDPR.
Your data will be deleted when it is no longer required for the performance of the contract or when it is clear that the pre-contractual measures will not lead to the conclusion of a contract corresponding to the purpose of the contact.
Please note, however, that even after conclusion of the contract, it may be necessary to store personal data of our contractual partners in order to comply with contractual or legal obligations.
If we ask you for your consent to processing for a specific purpose, the legal basis for the processing is Art. 6 para. 1 lit. a, Art. 7 GDPR. Consent that has been given can be revoked at any time with effect for the future.
The personal data collected by us will be deleted from our system when it is no longer required for the purposes specified at the time of collection or when you have exercised your right of revocation or objection. Statutory retention periods remain unaffected. We have no influence on the storage period of your data stored by social media providers for their own purposes. For details, please contact them directly.
Description of data processing and purpose
If you give us your consent, we will process your personal data relating to the circumstances and time of your consent (including your signature, email address, telephone or fax number, or IP address) in order to be able to prove that you have consented to the data processing in question within the scope of our accountability obligation under Art. 5 (2f) GDPR. The same applies to the revocation of your consent.
If you exercise your rights as a data subject under the GDPR, we will also process your personal data in order to be able to prove, within the scope of our accountability under Art. 5 (2f) GDPR, that we have complied with the GDPR when processing your request.
Legal basis for data processing
Processing is carried out on the basis of Art. 6 (1) (c) GDPR in conjunction with Art. 5 (2f) GDPR or Art. 6 (1) (f) GDPR. Our legitimate interest lies in being able to document compliance with the requirements of the GDPR within the scope of our accountability.
Recipients
In the context of data processing, your data will be transferred to the following categories of recipients or recipients that we use in the context of data processing to achieve the aforementioned purposes:
● External data protection officers,
● Data protection supervisory authorities,
● Service providers who support us in complying with data protection regulations,
● Software service providers who provide us with solutions for internal and external
communication, for creating and editing documents, and for managing databases.
These are in particular the following recipients:
● Proliance GmbH, Leopoldstr. 21, 80802 Munich, Germany.
Storage period
We store your data for as long as is necessary to achieve the aforementioned purpose. We regularly store data relating to consent given for a period of 3 years from the end of the year in which we last made use of it. Data that we process in connection with the implementation of data subject rights, , is regularly stored for a period of 3 years from the end of the year in which you exercised your data subject rights.
We then delete your data unless data processing, possibly also in other systems, is still permitted on another legal basis or is mandatory for us (e.g., in the case of statutory retention obligations).
Description of data processing and purpose
If you object to data processing for advertising purposes on the basis of legitimate interests, we will add your contact details (e.g., first and last name, email address, telephone number, address) to our advertising block list. We maintain this list in order to ensure that you will not be contacted for advertising purposes in the future, even if we collect and process your data again in accordance with the GDPR.
Only by comparing your data with this list can we ensure that your data will not be used again for advertising purposes after it has been deleted from the active database of our operational systems, for example because you are re-registered as a customer in our systems or because we collect your data again from other data sources or receive it again from third parties, including processors.
The purpose of data processing and our legitimate interest lie in being able to permanently and effectively implement compliance with the right to object under the GDPR and any right to object under competition law that may exist in your country in cases of direct marketing or existing customer advertising, beyond any other deletion of the data.
Legal basis for data processing
Processing is carried out on the basis of Art. 6 (1) (f) GDPR.
Recipients
In the context of data processing, your data will be transferred to the following categories of recipients or recipients that we use in the context of data processing to achieve the aforementioned purposes:
● Email marketing service providers,
● Software service providers who provide us with solutions for carrying out marketing activities,
● Software service providers who provide us with solutions for internal and external communication, for creating and editing documents, and for managing databases,
● IT support and administration service providers.
These are in particular the following recipients:
● Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Germany.
Storage period
We store your data in the advertising block list for as long as this is necessary to achieve the aforementioned purpose. This is usually for as long as we are active as a company on the market and advertise our products, goods, services, offers, and events.
Description of data processing and purpose
We process personal data if this is necessary to fulfill a legal obligation. The scope of the data to be processed is determined by the legal obligation we are required to comply with.
Legal basis for data processing
In these cases, the legal basis for the processing of your data is Art. 6 (1) (c) GDPR in conjunction with the respective legal norm that imposes such an obligation on us.
These may be, for example, provisions from the German Fiscal Code (AO), e.g. § 147 AO, the German Commercial Code (HGB), e.g. § 257 HGB, or the German Code of Criminal Procedure (StPO), or, where applicable, corresponding legal regulations existing in your country.
Recipients
In the context of data processing, your data will be transferred to the following categories of recipients or recipients that we use in the context of data processing to achieve the aforementioned purposes:
● Tax advisors,
● auditors,
● Financial or investigative authorities,
● lawyers,
● Experts,
● courts.
Storage period
We store your data to the extent necessary for as long as this is necessary to achieve the aforementioned purpose. The storage period is determined by the special legal regulations that oblige us to store or process data for up to 10 years, whereby the specific start of the storage periods is determined by the respective special law.
We will then delete your data unless data processing, possibly also in other systems, is still permitted on the basis of another legal basis.
Description of data processing and purpose
In addition, we process your data in individual cases for the purpose and in the interest of asserting legal claims, for example to enforce our claims due to unpaid invoices, provided that your data is relevant to a legal dispute.
In addition, we process your data in individual cases for the purpose and in the interest of defending against legal claims brought against us, for example, in the event of claims for liability for material defects, provided that your data is relevant to a legal dispute.
Legal basis for data processing
The legal basis for the processing of your data is Art. 6 (1) (f) GDPR.
Recipients
As part of data processing, your data will be transferred to the following categories of recipients or recipients that we use in the context of data processing to achieve the aforementioned purposes:
● Tax advisors,
● auditors,
● financial or investigative authorities,
● lawyers,
● Experts,
● courts.
Storage period
We store your data in individual cases to the extent necessary for as long as this is necessary to achieve the aforementioned purpose. We then delete your data unless data processing, possibly also in other systems, is still permissible on another legal basis or is mandatory for us (e.g., in the case of statutory retention obligations).
Below you will find information on the rights granted to you by the applicable data protection law with regard to the controller in relation to the processing of your personal data:
You have the right to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, deletion, restriction of processing or objection, the existence of a right of appeal, the origin of your data if it was not collected by us, and the existence of automated decision- making, including profiling and, where applicable, meaningful information about its details.
You have the right to request the immediate rectification of inaccurate or incomplete personal data stored by us in accordance with Art. 16 GDPR.
You have the right to request the erasure of your personal data stored by us in accordance with Art. 17 GDPR, unless the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise, or defense of legal claims.
You have the right to request the restriction of the processing of your personal data in accordance with Art. 18 GDPR, unless the accuracy of the data is disputed by you, the processing is unlawful, but you refuse to have it deleted and we no longer need the data, but you need it to assert, exercise or defend legal claims, or you have objected to the processing pursuant to Art. 21 GDPR.
You have the right, pursuant to Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, commonly used, and machine-readable format or to request its transfer to another controller.
You have the right to withdraw consent in accordance with Art. 7 (3) GDPR: You have the right to withdraw your consent to the processing of data at any time with effect for the future. In the event of withdrawal, we will delete the data concerned immediately, unless further processing can be based on a legal basis for processing without consent. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
If your personal data is processed by us on the basis of legitimate interests pursuant to Art. 6 (1) (f) GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, provided that this is done for reasons arising from your particular situation. If the objection is directed against the processing of personal data for the purpose of direct marketing, you have a general right of objection without the need to specify a particular situation.
If you wish to exercise your right of withdrawal or objection, please contact us using the contact details provided above under “Responsible party.”
You have the right to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of the federal state of our registered office specified above or, if applicable, that of your usual place of residence or workplace. The supervisory authority responsible for us is the Berlin Commissioner for Data Protection and Information Security, Alt-Moabit 59-61, 10555 Berlin.
If you exercise your rights under the GDPR against us and we do not or cannot implement one of these rights, you have the right to seek legal remedy in accordance with Art. 79 GDPR.
This privacy policy was last updated on DATE .