With the following information, we would like to give you an overview of the collection and processing of personal data when using our website.
*Last update: 9 December 2022
Controller for the processing of personal data on this website is:
Cobrainer GmbH
Lothstrasse 5
80335 Munich
Germany
Tel.: 089 8563 6970
E-mail: info@cobrainer.com
If you have any questions about this privacy policy or wish to exercise your data subject rights, you can contact our data protection officer at privacy@cobrainer.com at any time.
Cobrainer GmbH
Lothstraße 5
D-80335 München
In case of mere informational use of our website, i.e. if you do not otherwise transmit information to us, we collect the (possibly personal) data that your browser transmits to our server. Accordingly, we collect the following data:
This data is stored in server log files for a few days for security reasons and will be deleted subsequently. If data must be retained for proof purposes, it will not be deleted until the incident has been finally resolved.
The legal basis for the described data processing is Art. 6 para. 1 (f) GDPR. We have a legitimate interest in processing the server log files to ensure the website security and to clarify cases of abuse.
In addition to the previously mentioned data, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive and through which the entity that sets the cookie receives certain information.
Our website uses so-called session cookies. These cookies store a so-called session ID, with which various requests of your browser can be assigned to the common session. This allows your computer to be recognized when you return to our website. The session cookies are deleted when you log out or close the browser. You can configure your browser setting according to your preferences and, for example, refuse to accept all cookies. Please note that in this case you may not be able to use all functions of this website.
The legal basis for the described data processing is Art. 6 para. 1 (f) GDPR. We have a legitimate interest in storing the aforementioned cookies for the technically error-free and user-friendly design of the services. Some of the services listed below also use their own (third-party) cookies. The legal basis for these cookies follows in each case the legal basis for the data processing described below.
When contacting us by e-mail or contact form, the data you provide (your e-mail address, your name and telephone number, the content of your message, if any) will be processed by us in order to answer your questions. We delete this data after processing for answering your questions is no longer necessary or restrict the processing if there are legal retention obligations.
The legal basis for this data processing is Art. 6 para. 1 (b) GDPR, as far as a contractual relationship is intended, and our legitimate interest in answering your inquiry according to Art. 6 para. 1 (f) GDPR, as far as other inquiries are concerned.
When contacting us via e-mail and/or contact form, your data will be transferred to servers in the United States of America ("USA"). There is no adequacy decision of the European Commission for the USA, which certifies an adequate level of data protection for the USA. Therefore, by transferring your personal data, there is a risk that US authorities will access it and process it for their own purposes. The appropriate safeguards for the transfer of your data to the USA are provided by so-called EU standard data protection clauses and supplemented measure pursuant to Art. 46 para. 2 (c) GDPR.
If you wish to apply to us, this is regularly done via Personio. In this case, please check out our additional privacy policy at https://cobrainer.jobs.personio.de/.
We use the analytic software Matomo on our own server.
Matomo uses what are known as cookies. These are text files that are saved on your computer and enables us to analyze the user behavior by pseudonymized user profiles and how our website is used. The following data is processed for this purpose: Abbreviated IP address, the website accessed, HTTP referrer, the subpages accessed, the time spent on the website, the frequency with which the website is accessed.
Our website uses Matomo on its own server, i.e. this data is not transferred to Matomo. In addition, the IP addresses are processed in a shortened form (e.g. 192.168.xxx.xxx), so that the IP address can no longer be linked to you and your computer. Moreover, the IP address transmitted by your browser via Matomo is not merged with other data collected by us.
If you do not agree with this processing, you can stop Matomo by just clicking the following this link and unchecking the box.
By clicking this link, it sets a cookie on your device that prevents starting Matomo. Please note that you must click the above link again if you delete the cookies stored on your device. The Matomo cookie remains on your device until you delete it.
The legal basis for this processing is our legitimate interest in the statistical analysis of user behavior in order to optimize our website pursuant to Art. 6 para. 1 (f) GDPR.
We use videos on our website. These videos are not stored on our own servers, but are uploaded to third-party providers and only embedded on our website. This embedding of the videos results in calls to the servers of these third-party providers. Specifically, these are YouTube LLC, 901 Cherry Avenue, 94066 San Bruno, CA, USA and Vimeo Inc, 555 West 18th Street, New York 10011, USA (hereinafter "YouTube" and "Vimeo" or together "video platform"). We use the video platform in an extended data protection mode, which means that a connection between your browser and the video platform is only established when you start the video by clicking on the corresponding button.
We do not process any personal data with respect to such embedded videos. Controller of any processing that may take place during watching such embedded videos is the respective video platform. Further information on this processing of your data by YouTube can be found at https://www.youtube.com/t/privacy_at_youtube and by Vimeo at https://vimeo.com/privacy .
We use the translation service Weglot on our website which is provided by our processor Weglot SAS, 138, rue Pierre Joigneaux in Bois-Colombes 92270, France.
Weglot is loaded automatically when you visit the website so that you can change the language via the language icon in the footer of the website. This establishes a direct connection between your browser and the Weglot server for the duration of your visit to this website, whereby Weglot processes your IP address and the subpage you visit.
The processing of the data is based on our legitimate interest in an understandable presentation of the website in the language of the respective user (Art. 6 para. 1 (f) GDPR).
To obtain your consent for cookies and similar technologies, we use the consent management tool provided by our processor Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich ("Cookie consent tool"). The Cookie consent tool identifies which cookies are used by our website and whether you have given or revoked your consent to their use. This allows us to prevent cookies and similar technologies from being used if you have not given consent. The cookie set by the Cookie consent tool stores the setting of your preferences and has a lifetime of one year.
The legal basis for this data processing is Art. 6 para. 1 (f) GDPR, as we have a legitimate interest in being able to comply with the legal requirements of the GDPR and the ePrivacy Directive through technical measures.
We use LinkedIn Insight Tag, a service provided by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (hereinafter "LinkedIn Tag"), to perform detailed campaign reportings and to gain information about our website visitors in order to track conversions and/or retarget our website visitors.
This LinkedIn Tag collects the following data: page views on our website, including URL, referrer URL, IP address, device and browser properties (user agent), and timestamp. IP addresses are shortened or (if used to track user across devices) hashed. Users' direct identifiers are removed within seven days to pseudonymize the data. This remaining pseudonymized data is deleted within 90 days.
LinkedIn Tag transfers your data to countries outside the European Union and the European Economic Area (so-called “third countries”). For some of these third countries, in particular the United States of America (hereinafter "USA"), no adequate level of data protection has been determined by the European Commission. These third countries therefore do not offer data protection law that is comparable to that of the European Union. The appropriate guarantees for the transfer of such data to the third countries are achieved by concluding so-called EU standard data protection clauses and supplemental measures pursuant to Art. 46 para. 2 (c) GDPR.
LinkedIn Tag does not share any personal data with us, but only provides reports and notifications (in which you are not identified) about website audience and ad performance. Thus, we do not have access to the above data from you.
You can find more information on data protection in the LinkedIn privacy policy at https://www.linkedin.com/legal/privacy-policy.
The legal basis for such processing is your consent according to Art. 6 para. 1 (a) GDPR.
We use the HubSpot service on our website, which is provided by our processor HubSpot Germany GmbH, Am Postbahnhof 17, 10243 Berlin and its US parent company HubSpot Inc. (hereinafter "HubSpot").
We use HubSpot for the following purposes:
We offer you the option to subscribe to our newsletter in order to get information about our products and news at regular intervals. For this purpose, only your e-mail address is required. For such newsletters we are using HubSpot.
In addition to sending out the newsletter, we also measure its success, i.e. the newsletter contains a so-called web beacon, a small pixel that is retrieved when the newsletter is opened. The information obtained with the help of the web-beacon is used to determine your reading behavior based on the access location and access time. Through this performance measurement, we also know whether you opened the newsletter, when you opened the newsletter and which links were clicked. This data is not analyzed individually, but only aggregated, i.e. we try to find out from it in general (and not specifically related to you) what reading habits and interests the subscribers of the newsletter have. Details on the categories of data processed for this purpose can be found below under Marketing Analysis.
Please note that we also use the so-called double opt-in procedure to register you for our newsletter and log this registration for the newsletter in order to be able to prove the registration process in accordance with legal requirements. This includes the storage of the registration and confirmation time as well as the IP address. In order to be able to provide this evidence even after you have unsubscribed from the newsletter, we will store your email address and the registration data for up to three years after you have unsubscribed.
We use HubSpot to analyze our marketing activities when you visit our website or subscribe to our newsletter. In doing so, so-called "web-beacons" are used and cookies are stored on your device. The collected information as well as the content of our website is stored and analyzed on HubSpot servers in order to continuously optimize the website and make it more user-friendly. In addition, we use the information to determine which of our services are of interest to customers and newsletter subscribers and to contact them for advertising purposes.
As part of optimizing our marketing efforts, the following data may be collected and processed via Hubspot:
Cookies have a typical lifetime of 13 months. In addition, we delete your personal data collected via HubSpot as soon as the purpose for which it was collected has been achieved, unless a legal retention period requires further processing.
The processing of your personal data is based on your consent pursuant to Art. 6 para. 1 a GDPR. You can withdraw your consent at any time, in the case of a newsletter via HubSpot, via the "unsubscribe" link in the newsletter. Please note that this withdrawal of consent does not affect the lawfulness of the processing until your withdrawal. However, the only exception is the processing of your data in order to be able to prove your consent. The legal basis for this data processing is our legitimate interest (Art. 6 para. 1 f GDPR) to prove the registration and to defend claims of data subjects.
Please note that HubSpot may transfer the data to countries outside the European Union and the European Economic Area (hereinafter “Third Countries”). For some of these Third Countries, in particular the United States of America (hereinafter "USA"), no adequate level of data protection has been determined by the European Commission. These Third Countries therefore do not offer data protection law that is comparable to that of the European Union. The appropriate safeguards for the transfer of data to such Third Countries are achieved by concluding so-called EU standard contractual clauses pursuant to Art. 46 para. 2 c GDPR, which have been supplemented by additional measures where necessary.
Within our company, your personal data will only be accessed by those departments that absolutely need it to fulfill the above-mentioned purposes. The aforementioned data may also be processed by processors who operate or maintain our website and systems. In addition, the data will be transmitted to the providers expressly mentioned in section 2. Such processing is governed by a contract as set out in Art. 28 GDPR, to the extent that such provider is acting as a processor for us.
In section 2, we refer specifically to the transfer of your data to countries outside the European Union for specific services. In addition, our website is hosted by processors (currently Webflow and Uberspace), that use servers in the United States of America ("USA").
There is no adequacy decision of the European Commission for the USA, which certifies an adequate level of data protection. Therefore, by transferring your personal data, there is a risk that US authorities will access it and process it for their own purposes. The appropriate safeguards for the transfer of your data to the USA are provided by so-called EU standard data protection clauses and supplemental measures pursuant to Art. 46 para. 2 (c) GDPR.
As far as possible, we have informed you of the specific retention period and the period for which the personal data will be stored in section 2 above. Otherwise, the retention period is determined by us by the following criteria: We process and store your personal data as long as necessary in relation to the purposes for which they were collected. If the processing of your personal data is no longer necessary for us, in particular because contractual obligations or our legitimate interests have been fulfilled, it will be erased by us, unless its further processing or archiving is required for legal reasons. These legal reasons include, for example, retention obligations under commercial and tax law (e.g. German Commercial Code and the German Fiscal Code). The periods specified there for the retention of data are generally two to ten years.
You are under no legal or contractual obligation to provide us your personal data. However, without this data we are in some cases not able to offer all functionalities of the website.
No automated decisions or other profiling measures are carried out by us, unless expressly indicated in section 2.
.webp)
.svg)
