Privacy policy


General notice and mandatory information

Responsible party
The responsible party within the meaning of the General Data Protection Regulation (GDPR) is:

mindline GmbH
Managing directors: Stefan Ruthenberg, Antje Gollnick und Jörg Kunath
Bramfelder Straße 115
22305 Hamburg

Telefon: +49 (0)40 808 109 – 0

Data Protection Officer
If you have any concerns regarding data protection, please do not hesitate to contact our data protection officer at the above address or the following e-mail address: dsb@mindline.de

Links to websites of other providers
Our websites may contain links to websites of other providers to which this data protection information does not extend. Please refer to the Privacy Policy of the respective provider.

Data processing

Use of our website
When you use our website for purely informational purposes, we only process personal data that your browser transmits to our web server. The following data is transmitted by your browser The IP address of your device, date and time of accessing our website, request content of the specific website, http status code or access status, data volume transfer, the website from which the request comes, your browser type, its language and the software version and your operating system.
This is done to enable you to view our website and to ensure the stability and security of the website (Art. 6 para. 1 lit. f) GDPR). The recipient of the access data is exclusively mindline GmbH. The information is deleted after 30 days.

SSL or TLS encryption
For security reasons and to protect the transmission of confidential content that you send to us as the site operator, our website uses SSL or TLS encryption. Data that you transmit to us via this website cannot be viewed by third parties. You can recognise an encrypted connection by the “https://” address line of your browser and/or the lock symbol in the browser line.

Google Web Fonts (local hosting)
We want all users of our website to be able to see the display we want, which is why we use web fonts from Google. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
When the page is displayed, the Google web fonts are retrieved from a Google server in the USA. This involves the transfer of your IP address and which of our pages you have visited to Google. The use of Google Web Fonts is based on Art. 6 para. 1 lit. f GDPR. As the operator of this website, we have a legitimate interest in the optimal presentation and transmission of our website. You can find details about Google Web Fonts at: https://www.google.com/fonts and further information in Google’s privacy policy: https://policies.google.com/privacy/partners

Cookies
Our website uses cookies. These are small text files that your web browser stores on your end device. Cookies help us to make our website more user-friendly, effective and secure. We only use “session cookies”. Such cookies are deleted automatically at the end of your browser session. With a modern web browser, you can monitor, restrict or prevent the setting of cookies. Deactivating cookies may result in limited functionality of our website. The setting of cookies, which are necessary for the performance of electronic communication processes or the provision of certain functions desired by you, takes place on the basis of Art. 6 para. 1 lit. f GDPR. As the operator of this website, we have a legitimate interest in the storage of cookies for the technically error-free and smooth provision of our services.

Vimeo
Our website uses plugins from Vimeo to integrate and display video content. The provider is Vimeo Inc, 555 West 18th Street, New York, New York 10011, USA.
When a page with an integrated Vimeo plugin is accessed, a connection to the Vimeo servers is established. This tells Vimeo which of our pages you have visited and your IP address. The information collected by Vimeo is transmitted to the video portal’s servers in the USA. If you are logged into your Vimeo account, Vimeo can assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your account beforehand. The use of Vimeo is based on our legitimate interests, i.e. interest in the optimal presentation and transmission of our website in accordance with Art. 6 para. 1 lit. f. GDPR. Details on the handling of user data can be found in Vimeo’s privacy policy at: https://vimeo.com/privacy

jsDelivr CDN
Our website uses a so-called “Content Delivery Network” (CDN) from jsDelivr. A CDN is a service with the help of which the content of our online offer, in particular large media files such as graphics or scripts, are delivered faster with the help of regionally distributed servers connected via the Internet. User data is processed solely for the aforementioned purposes and to maintain the security and functionality of the CDN. For this purpose, the browser you use must connect to the CDN servers. As a result, the CDN becomes aware that our website has been accessed via your IP address. The use is based on our legitimate interests, i.e. interest in the secure and efficient provision, analysis and optimisation of our online offer in accordance with Art. 6 para. 1 lit. f. GDPR. GDPR. Further information can be found in the privacy policy of
jsDelivr: https://www.jsdelivr.com/privacy-policy-jsdelivr-net/

Matomo
We use the open source web analysis service Matomo to improve our website. This service enables us to analyse user movements on mindline.de in a data protection-friendly manner. Matomo is configured so that no cookies are stored on your end device. Instead, the application uses what is known as “fingerprinting”. This involves recording user movements on our website using pseudonymised IP addresses in combination with the user’s browser settings. This makes it impossible to draw conclusions about the identity of individual users. You can use the do-not-track function in your browser to generally prevent the recording of your page visits. This measure is effective both for mindline.de and for other pages you visit.

The legal basis for the use of Matomo results from Art. 6 para. 1 lit. f GDPR. The use of Matomo is intended to ensure the needs-based design and continuous optimisation of our website. To this end, we statistically record and analyse usage. These interests are to be regarded as legitimate within the meaning of the aforementioned provision.

You have the option of preventing the recording of your page visits by deselecting the following checkbox.

You have the option of preventing the actions you take here from being analysed and linked. This will protect your privacy, but will also prevent the owner from learning from your actions and improving usability for you and other users.

Your visit to this website is currently being recorded by Matomo web analytics. Uncheck this box to opt-out.

You may choose to prevent this website from aggregating and analyzing the actions you take here. Doing so will protect your privacy, but will also prevent the owner from learning from your actions and creating a better experience for you and other users.

Please note that a Matomo deactivation cookie will be stored on your end device if you deselect this option.

Our activities in social networks
In order to inform you about our services and to communicate in social networks, we operate our own pages on various platforms. We share responsibility for data processing with the providers of these platforms in accordance with Art. 26 GDPR.
We are not the original provider of these pages, but only use them within the scope of the possibilities offered to us by the respective providers.

Your data may also be processed outside the European Union or the European Economic Area. Use may therefore be associated with data protection risks for you, as it may be more difficult to protect your rights and processing in the social networks is often carried out directly for advertising purposes or to analyse user behaviour by the providers, without us being able to influence this.

Your personal data is processed in accordance with Art. 6 para. 1 lit. f) GDPR on the basis of our legitimate interest and the legitimate interest of the respective provider in order to communicate with you in a timely manner. If you are required to give your consent to data processing by the respective providers as a user, this is based on Art. 6 para. 1 lit. a) GDPR in conjunction with Art. 7 GDPR. Art. 7 GDPR.

As we do not have access to the providers’ databases, we recommend that you assert your rights (e.g. to information, rectification, erasure) directly with them. Further information on the processing of your data in the social networks can be found below with the providers we use.

LinkedIn
(Joint) controller for data processing in Europe:
LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland
Privacy policy: https://www.linkedin.com/legal/privacy-policy

XING (New Work SE)
(Joint) controller for data processing in Germany:
New Work SE, Am Strandkai 1, 20457 Hamburg, Germany
Privacy policy: https://privacy.xing.com/de/datenschutzerklaerung
Requests for information for XING members: https://www.xing.com/settings/privacy/data/disclosure

Special processing situation:

Job applications
If you send us your application for an advertised position, your application documents will be processed on the basis of Art. 88 GDPR in conjunction with Section 26 (1) sentence 1 of the German Federal Data Protection Act (BDSG). If you send an application photo, you do so voluntarily and thus give your consent to the collection and storage of your application photo (Art. 88 in conjunction with § 26 para. 2 BDSG). We have a very great interest in carrying out and completing a proper application process. This also includes the refutation of conflicting allegations of discrimination in connection with the completion of the application process, which is why your application documents will only be deleted 6 months after rejection. Your application documents will only be stored for longer with your express consent. In the case of unsolicited applications, your application documents will be deleted within a maximum of 12 months after receipt, even if they have not been rejected.

Your rights:

Revocation of your consent to data processing
Some data processing operations are only possible with your express consent. You can withdraw your consent at any time. An informal notification by e-mail is sufficient to withdraw your consent. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right to data portability
You have the right to have data that we process automatically on the basis of your consent or in fulfilment of a contract handed over to you or to third parties. The data will be provided in a machine-readable format. If you request the direct transfer of the data to another controller, this will only take place if it is technically feasible.

Right to information, rectification, blocking, erasure
You have the right to free information about your stored personal data, the origin of the data, its recipients and the purpose of the data processing and, if necessary, a right to correction, blocking or deletion of this data at any time within the framework of the applicable legal provisions. You can contact us at any time using the contact options listed in the legal notice if you have any further questions on the subject of personal data.

Right to lodge a complaint with the competent supervisory authority
As a data subject, you have the right to lodge a complaint with the competent supervisory authority in the event of a breach of data protection law. The competent supervisory authority for data protection issues is the state data protection officer of the federal state in which our company is based. The following link provides a list of data protection officers and their contact details: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

Changes to the privacy policy

Declaration
We reserve the right to amend this privacy policy at any time in compliance with the applicable data protection regulations. Current status is February 2024.