DATA PROTECTION

LinkedIn

We maintain a publicly accessible company page on LinkedIn, where we provide information about our products, services, and company news. We also integrate a LinkedIn social media plugin on our website. The provision of personal data is voluntary; however, certain functions are only available if the relevant data is processed.

When you visit our LinkedIn profile, personal data is collected, used, and stored by both us and LinkedIn—even if you do not have a LinkedIn profile yourself. The exact data processing operations and their scope are the responsibility of LinkedIn and are not fully traceable to us. 

LinkedIn is the independent controller in this respect. The collected data will not be passed on to other third parties unless required by law. LinkedIn transfers data to the USA. This transfer is carried out in compliance with the EU-US Data Privacy Framework (DPF) and standard contractual clauses to ensure an adequate level of data protection. Further information can be found in LinkedIn's privacy policy: https://www.linkedin.com/legal/privacy-policy .

LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland, is responsible for data protection matters outside the US.

As the operator of the company page, we can only view the information that you have stored in your public profile and that is visible to us when you are logged into your LinkedIn account. In addition, LinkedIn provides us with anonymized usage statistics (e.g., reach, views), which we use to improve our content and optimize the user experience. We do not have access to the underlying usage data. LinkedIn has undertaken to assume primary responsibility under the GDPR with regard to this data processing and to make the essence of this obligation available to the data subjects.

This processing serves our legitimate interest in tailoring our offering and communication with interested parties to the target group (Art. 6 (1) (f) GDPR). If you contact us via LinkedIn (e.g., through comments, reactions, or private messages), we will process your information solely for the purpose of processing your request or communicating with you. The legal basis in these cases is Art. 6 (1) (a) GDPR (consent) or Art. 6 (1) (b) GDPR (pre-contractual communication). 

LinkedIn also uses cookies or similar technologies that may be stored on your device when you visit our company page, even if you do not have your own LinkedIn profile or are not logged in. These technologies enable LinkedIn to create user profiles based on preferences and interests and to display personalized advertising (within and outside LinkedIn) to you.

The storage period for these cookies is based on the information provided by LinkedIn; you can delete cookies at any time via your browser settings. The legal basis for setting these cookies is your consent in accordance with Section 25 (1) TDDDG in conjunction with Art. 6 (1) (a) GDPR.

Our website also uses a LinkedIn social media plugin that is implemented with the Shariff solution. This privacy-friendly solution ensures that no personal data is transmitted to LinkedIn when our website is loaded. Only when you actively click on the plugin does your browser establish a connection to LinkedIn's servers. Data such as your IP address, device information, and browser data are transmitted in the process. If you are logged into LinkedIn, LinkedIn can assign this data to your account. After activation, LinkedIn may use cookies or similar technologies to track user interactions or analyze usage. We have no influence on this processing.

Consent via our consent management tool is not required for Shariff integration, as no data is transferred or stored on your device before you actively click on the button yourself. If you do not want any data to be transferred to LinkedIn, please do not click on the plugin or log out of your LinkedIn account before visiting our website.

We do not store any personal data in connection with the LinkedIn plugin. Data collected by LinkedIn is subject to its own storage periods, as described in LinkedIn's privacy policy. Anonymous statistics are stored permanently, but do not contain any personal data.

XING

We operate a company profile on XING and integrate a XING social media plugin on our website to establish business contacts, publish job vacancies, and promote our services. XING is operated by XING SE, Dammtorstraße 30, 20354 Hamburg, Germany. Below, we provide information about the processing of your personal data in connection with our XING company profile and the XING plugin.

XING is the independent controller responsible for processing the data transmitted in connection with the company profile and the plugin. For more information, please refer to XING's privacy policy: https://privacy.xing.com/de/datenschutzerklaerung .

When you visit our XING company profile, XING collects personal data (e.g., IP address, device information, browser data, user behavior such as content viewed or interactions), regardless of whether you have a XING account or are logged in. If you are logged in, XING links this data to your account. As the operator of the profile , we can only view the information visible in your public XING profile. XING also provides us with anonymized usage statistics (e.g., views, reach), which we use to optimize our content and job offers.

The purpose of the processing is to provide and optimize our XING company profile and to promote business contacts.

The legal basis is Art. 6 (1) lit. f GDPR (legitimate interest in the target group-oriented design of our content and accessibility for interested parties). If you actively interact with us (e.g., through messages), processing is based on Art. 6 (1) (a) GDPR (consent) or Art. 6 (1) (b) GDPR (implementation of pre-contractual measures).

Our website also uses a XING social media plugin (e.g., share button) that is implemented with the Shariff solution. This privacy-friendly solution ensures that no personal data is transmitted to XING when our website is loaded. Only when you actively click on the plugin does your browser establish a connection to the XING servers. Data such as your IP address, device information, and browser data are transmitted in the process. If you are logged in to XING, XING can assign this data to your account. After activation, XING may use cookies or similar technologies to track user interactions or analyze usage. We have no influence on this processing.

Consent via our consent management tool is not required for Shariff integration, as no data is transferred or stored on your device before you actively click on the button yourself. If you do not want any data to be transferred to XING, please do not click on the plugin or log out of your XING account before visiting our website.

We do not store any personal data in connection with the XING plugin. Data collected by XING is subject to their storage period as described in XING's privacy policy. Anonymous statistics are stored permanently but do not contain any personal data.

GDPR

HubSpot

We use HubSpot, a service provided by HubSpot Ireland Limited, located at HubSpot House, 1 Sir John Rogerson's Quay, Dublin 2, D02 CR67, Ireland ("HubSpot"), for our online marketing activities. HubSpot enables us to manage customer and prospect data (CRM), send emails and newsletters, analyze campaigns, and provide contact forms and other communication functions on our website.

In particular, contact details such as name, email address, and phone number, communication content such as messages and inquiries, usage data on pages accessed and responses to emails (e.g., open and click rates, if you have consented to this), and technical data such as IP address, browser type, and access times are processed.

The processing of personal data is based on different legal grounds depending on the purpose: to respond to inquiries and maintain existing business relationships in accordance with Art. 6 (1) (b) GDPR, to protect our legitimate interests in efficient customer communication and marketing organization in accordance with Art. 6 (1) (f) GDPR, and, insofar as tracking functions or newsletter distribution are used, on the basis of your consent pursuant to Art. 6 (1) (a) GDPR in conjunction with § 25 (1) TDDDG, provided that you have given us your consent when registering for our newsletter.

If you subscribe to our newsletter or receive emails from us, HubSpot may record whether and when you have opened them or clicked on any links contained therein, provided that you have agreed to this as part of your consent. You can revoke your consent at any time with effect for the future, e.g., via the unsubscribe link at the end of each email or by contacting us.

Your data is generally stored on servers within the European Union, which are operated by HubSpot in Germany and Ireland. In exceptional cases, personal data may be transferred to the parent company HubSpot Inc., 25 First Street, Cambridge, MA 02141, USA, for example for technical maintenance or troubleshooting. The transfer to the USA is based on the EU-U.S. Data Privacy Framework, under which HubSpot Inc. is certified, thus guaranteeing an adequate level of data protection. For more information on data processing by HubSpot, please visit https://legal.hubspot.com/de/privacy-policy. 

Use of the online contact form

When you use the online contact form, we collect personal data such as title, first name, last name, company affiliation, address, email address, and phone number only to the extent that you provide it. We use your email address only to process your request. Your data will then be deleted, unless this conflicts with tax or commercial law retention periods or you have consented to further processing and use.

We use the HubSpot service to provide the online contact form.

The legal basis for data processing is Art. 6 (1) lit. b) GDPR. The legal basis for the storage of your personal data under tax and commercial law is Art. 6 (1) lit. c) GDPR in conjunction with §§ 147 AO, 257 HGB.

Newsletter dispatch

If you have subscribed to our newsletter, we will use your email address for our own advertising purposes as long as you have not revoked your consent to receive the newsletter.

We use the HubSpot service to send and manage the newsletter.

We use the double opt-in procedure for registration for our newsletter. This means that after you register, we will send an email to the email address you provided, asking you to confirm that you are the owner of the email address provided and that you wish to receive the notifications. If you do not confirm your registration within 24 hours, your information will be blocked and automatically deleted after one month. In addition, we store your IP addresses and the times of registration and confirmation. The purpose of this procedure is to verify your registration and, if necessary, to investigate any possible misuse of your personal data. 

The only mandatory information required to send you the newsletter is your email address. The provision of additional, separately marked data is voluntary and is used to address you personally. After your confirmation, we will store your email address for the purpose of sending you the newsletter. The legal basis is Art. 6 (1) (a) GDPR.

The legal basis for processing for the purpose of proving consent is Art. 6 (1) (c) in conjunction with Art. 5 (2) GDPR, Art. 7 (1) GDPR, and Art. 24 (1) GDPR, as well as Art. 6 (1) (f) GDPR. Our legitimate interest is to defend ourselves against legal claims. 

You can revoke your consent to receive the newsletter at any time and unsubscribe from the newsletter. You can revoke your consent by clicking on the link provided in every newsletter email, by sending an email tonewsletter@hr-diagnostics.de , or by sending a message to the contact details provided in the legal notice.

.

Automated decision-making and profiling

Automated decision-making and profiling do not take place. 

Our security standards

Your personal data is transmitted via the Internet on our website using the SSL (Secure Socket Layer) security system. This technology offers a high level of security and is therefore also used by banks, for example, for data protection in online banking. We secure our website and other systems against loss, destruction, access, modification, or distribution of your data by unauthorized persons through technical and organizational measures.

Rights of data subjects

Under the GDPR, you have the following legal rights as a data subject, provided that the relevant conditions are met:

• Right to information about your data stored by us in accordance with Art. 15 GDPR,
• Right to rectification of inaccurate data in accordance with Art. 16 GDPR,
• Right to erasure of data stored by us in accordance with Art. 17 GDPR,
• Right to restriction of processing of data stored by us in accordance with Art. 18 GDPR,
• Right to data portability pursuant to Art. 20 GDPR,
• Right to object pursuant to Art. 21 GDPR,
• Right to withdraw consent at any time in accordance with Art. 7 (3) GDPR; this means that we may no longer continue the data processing that was based on this consent in the future.
• Right to lodge a complaint with a competent supervisory authority pursuant to Art. 77 GDPR if you believe that the processing of your personal data violates the provisions of the GDPR.

Right to object

If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) (f) GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, provided that there are reasons for this arising from your particular situation. 

If you wish to exercise your right to object, simply send an email to datenschutz@hr-diagnostics.de

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms.