Data protection at Apostroph Group

Data privacy policy

Thank you for visiting our website. Compliance with data protection regulations is of great importance to us. The aim of this data privacy policy is to inform you as a user of the website about the nature, scope and purpose of processing personal data and your rights, insofar as you are considered a data subject as defined in Article 4, paragraph 4 of the General Data Protection Regulation (GDPR). At the same time, this declaration also fulfils the requirements of §13 of the Telemediengesetz (German telemedia act) in force up to that point.

 

I Responsible authority

This website and service offer are operated by

APOSTROPH GERMANY GmbH

An der Strusbek 12 b

22926 Ahrensburg

Germany

Tel.: +49 (0)4102 2350

Fax: +49 (0)4102 235 500

email: mail@apostrophgroup.de

Managing partner: Vladimir Schafir

 

II General

In the development of our website, we have designed it in such a way to collect as little data from you as possible. It is always possible to visit our website without having to provide personal data. Only when you decide to use certain services (e.g. use of our contact form) does it become necessary to process personal data. In this regard, we always ensure that your personal data is processed in accordance with the legal regulations or the scope of consent you have granted. We comply with the regulations of the GDPR valid from 25 May 2018 and the applicable national provisions such as the Federal Data Protection Act (BDSG), the Telemediengesetz (German telemedia act) and other more specific data protection laws.

 

III Definitions

The terms used in this data privacy policy are in line with the GDPR and have the following meanings.

Personal data means all information that refers to an identified or identifiable natural person (hereinafter ‘data subject’). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Processing means any operation or set of operations which is performed on personal data, whether or not by automated means, such as collection; recording; organisation; structuring; storage; adaptation or alteration; retrieval; querying; use; disclosure by transmission, dissemination or otherwise making available; alignment or combination; restriction; erasure; or destruction.

Restriction of processing means the marking of stored personal data with the objective of limiting their processing in future.

Pseudonymisation means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

Controller means the natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by European Union or Member State law, the controller or the specific criteria for its nomination may be provided for by European Union or Member State law.

Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

Recipient means a natural or legal person, public authority, agency or another body to which the personal data are disclosed, whether a third party or not. However, public authorities that may receive personal data within the framework of a particular enquiry in accordance with Union or Member State law shall not be regarded as recipients. The processing of this data by the aforementioned authorities shall occur in compliance with the valid data protection provisions and according to the purposes of the processing.

Third party means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.

Consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

 

IV Consent

In some cases, we collect certain personal data during your visit to our website for which we need your consent. This takes place, for one, on our contact page when requesting a quotation as well as on our career page when applying for an advertised position. Furthermore, you have the option to subscribe to our newsletter on the contact page.

Declaration of consent

By using the forms we have made available, you consent to our collection of your personal data and the processing of your personal data as described in this data privacy policy. You can revoke this consent at any time and with future effect by submitting a declaration. However, we would like to point out that the use of our services will not be possible without your consent. To revoke this right, please use the contact information given above (please provide us with your name, email and postal address).

 

V Purpose and legal basis for processing personal data

We process personal data necessary for the establishment, implementation or processing of our range of services according to the legal basis of Article 6, paragraph 1, point (b) GDPR. Insofar as we use external service providers to process order data, the processing is carried out on the legal basis of Article 28 GDPR.

We collect, process and use personal data exclusively for the following purposes:

 

 

Purpose of data processing

 

 

Legal basis for data processing (why data processing is necessary)

 

 

for making contact with you and the related correspondence

 

 

on the basis of your consent

 

 

for processing your request and providing any further consultation desired

 

 

on the basis of your consent

 

 

for subscribing to the newsletter

 

 

on the basis of your consent

 

 

for processing your job application and the related correspondence

 

 

on the basis of your consent

 

 

for ensuring that our website is presented to you in the most effective and interesting way possible (e.g. by means of anonymous evaluation)

 

 

on the basis of legitimate interests

 

 

for the technical implementation of our quotations

 

 

on the basis of legitimate interests

 

 

White Paper available for download

 

on the basis of your consent

 

VI Collected and processed personal data

We only collect and process your personal data if you voluntarily and knowingly provide it – for example, by filling out forms or sending emails.

Within the framework of the available forms, this comprises the following data among others:

 

General contact data:

Company name, full name, address, email address, telephone number and subject

 

Newsletter subscription:

Email address

 

Quotation request form:

Title, full name, company name, address, email address, telephone number and subject; message; any attachments

 

Job application form:

Information about yourself; address; contact details and availability; information about your language qualifications and specialty fields; information about your level of education; information about your technical integration and equipment; references and salary expectations

 

Online job application form:

Information about yourself and date of birth, if applicable; address; email address and telephone number, if applicable; salary expectations, if applicable, and availability; information on how you became aware of the advertised position, if applicable; further information as a message, if applicable.

Personal data provided by you and its contents remain exclusively with us and our affiliated companies. We will only store and process your data for the purposes stated in section 5 of this policy. Any use beyond the stated purpose requires your express consent. The same applies to the transfer and transmission of your data to third parties.

 

VII General log files

The web server temporarily records the following information in log files: the connection data of the requesting computer (IP address), the pages you visit on our site, the date and duration of your visit, the identification data of the browser and operating system type used, the website through which you came to our website and the successful retrieval. The technical administration of the web pages and anonymous statistical surveys enable the evaluation of the number of visits to the APOSTROPH GERMANY website and an evaluation with the aim of increasing data protection and data security in our company in order to ultimately ensure an optimal level of protection for the personal data processed by us.

The data in the server log files is stored separately from all personal data provided by you.

Subject to any statutory retention obligations, we will delete or anonymise your IP address after you leave our website.

 

VIII Newsletters

As part of subscribing to the email newsletter, APOSTROPH GERMANY requires the email address to which the newsletter is to be sent. Any further information is voluntary and will be used to address you personally and to personalise the newsletter as well as to clarify any queries regarding your email address.

If you subscribe to the newsletter on this website, APOSTROPH GERMANY will use the data you have entered exclusively for this purpose or to inform you about the relevant circumstances regarding this service or its registration. APOSTROPH GERMANY passes this data on to the service provider MailChimp for the purpose of managing and carrying out the newsletter mailing. APOSTROPH GERMANY relies on the reliability as well as the IT and data security of MailChimp. MailChimp is certified under the US-EU Privacy Shield Framework and undertakes to comply with European Union data protection regulations. Furthermore, there is a corresponding agreement between APOSTROPH GERMANY and MailChimp for order processing. This is a contract in which MailChimp undertakes to protect the data of our users, to process the data on our behalf in accordance with their data protection regulations and, in particular, not to pass the data on to third parties. You can view MailChimp’s privacy policy here.

A valid email address is needed to receive the newsletter. The IP address you used to subscribe to the newsletter and the date on which you subscribed to the newsletter are also stored. For APOSTROPH GERMANY, this data serves as proof of misuse if an external email address is used to subscribe to the newsletter. In addition, to ensure that an email address is not misused by third parties and entered in the APOSTROPH GERMANY mailing list, APOSTROPH GERMANY works according to a ‘double-opt-in’ procedure. With this procedure, a confirmation email will be sent to the email address specified following registration. You will not receive the requested email newsletter until you have confirmed your registration by clicking on one of the links contained in the message. Within the framework of this procedure, the request for the newsletter, the dispatch of the confirmation email and the receipt of the registration confirmation are recorded.

You have the option to revoke your consent to the storage of the data, your email address and their use for sending the newsletter at any time and with effect for the future. For the revocation, APOSTROPH GERMANY provides you with a link in every newsletter. You also have the option of contacting us in writing to withdraw your consent by using the contact options listed on the contact page.

 

IX White paper

We have made some current white papers available to you to inform you about our products and services, as well as to keep you up to date with regard to interesting developments in our industry. You can download these from our website.

To be able to provide you this information, we need your email address, first and last name and the name of the company you work for. Due to the statutory requirements of the EU’s General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG), we point out that your personal data is used only for the purpose described here and on the basis of the consent you provided for the collection and processing of your personal data.

You can revoke your consent to the storage of the data and your email address at any time with future effect. APOSTROPH GERMANY provides a link within each newsletter for revoking consent. You also have the option of revoking your consent in writing to the address listed in the legal notice.

 

X Cookies

Use of cookies

On our website, information is collected and stored through the use of so-called browser cookies.

What are cookies?

These are small text files that are stored on your data storage device and that store certain settings and data for exchange with our system via your browser. A cookie usually contains the name of the domain from which the cookie data was sent, information about the age of the cookie and an alphanumeric identifier.

Why do we use cookies?

Cookies enable our systems to recognise the user’s device and to make any presets available immediately. As soon as a user accesses the platform, a cookie is transferred to the hard drive of the user’s computer. Cookies help us to improve our website and to offer you a better and more customised service. They enable us to recognise your computer or (mobile) device again when you return to our website and thereby

store information about your preferred activities on the site so that we can tailor our site to your individual interests, and

speed up the processing of your requests.

We work together with third-party services that help us make our online offer and the website more interesting to you. Therefore, cookies from these partner companies (third-party providers) are also stored on your hard drive when you visit the website. These are cookies that are automatically deleted after a specified time.

For more information on the individual third-party providers, please refer to the Cookie Consent tool and the data protection information stored therein.

Can I control the use of cookies?

If you do not want cookies to be used at all, you can adjust your browser settings so that cookies are not accepted. Please note that, in this case, you may not be able to use our website, or may only be able to use certain functions. If you only want to accept our own cookies, but not those of our service providers and partners, you can select the ‘Block third-party cookies’ setting in your browser. We assume no responsibility for the use of third-party cookies.

 

XI Use of Google Analytics

This website uses Google Analytics, a web analytics service from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States of America (‘Google’).

Google Analytics also uses cookies, which are text files that are stored on your computer to allow an analysis of your use of the website. The information generated by the cookie on your use of the website is generally transmitted to a Google server in the United States of America and stored there.

However, if IP anonymisation is activated on this website, your IP address is first truncated by Google within Member States of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the United States of America and truncated there. In these exceptional cases, this processing is carried out in accordance with Article 6, paragraph 1, point (f) GDPR on the basis of our legitimate interest in the statistical analysis of user behaviour for optimisation and marketing purposes.

Google uses this information on behalf of the website operator to evaluate your use of the website, compile website activity reports and provide further services associated with the use of the website in particular and the Internet in general to the website operator. The IP address transmitted from your browser in the context of Google Analytics is not compiled with other Google data.

You can prevent cookies from being saved to your device using the respective setting in your browser software; we would like to explicitly state, however, that you may not be able to completely use all of this website’s features if you deactivate cookies.

Besides taking this step, you can prevent the data generated by the cookie related to your use of this website (including your IP address) from being sent to and processed by Google by downloading and installing the browser plug-in available here: http://tools.google.com/dlpage/gaoptout?hl=de.

Alternatively, you can also prevent collection by Google Analytics by setting an ‘opt-out cookie’ by clicking here. If you delete the cookies in your browser, you must then click this link again.

Google LLC, based in the United States of America, is certified under the US-EU Privacy Shield Framework, which guarantees compliance with the data protection level applicable in the European Union.

More information on how Google Analytics handles user data can be found in Google’s privacy policy: https://support.google.com/analytics/answer/6004245?hl=de

Google’s data privacy policy can be found here: https://policies.google.com/privacy/partners?hl=de

 

XII Use of retargeting tools

On our website apostrophgroup.de we use so-called retargeting technology. We use retargeting to categorise website visitors into user groups. Depending on the respective user group, we then target website visitors on other websites or in apps with personalised advertising about our products and services.

We use the following products, which are provided to us by service providers:

Facebook Custom Audience, Facebook Pixel

Google AdWords User Lists, Google Dynamic Remarketing

Facebook Custom Audience, Facebook Pixel

Facebook Custom Audience and Facebook Pixel are products of Facebook Ireland Ltd, Hanover Reach, 5–7 Hanover Quay, Dublin 2, Ireland (‘Facebook’). Our website uses a Facebook pixel from Facebook, which establishes a direct connection to the Facebook servers. The fact that you have visited our website is transmitted to the Facebook server. Facebook will associate this information with your personal Facebook account if you have such an account and are logged in. If you visit other websites that also use Facebook Custom Audience and/or Facebook Pixel, this information will also be linked to your user account. However, we cannot see what other websites you visit. If you are not a Facebook user or are not logged in to Facebook while visiting our website, your website visit will not be assigned to a Facebook user account.

For further information about ways to protect your privacy on Facebook, please see the Facebook privacy statement at https://www.facebook.com/about/privacy/. Specifically, you can download the content and information you have shared through your use of Facebook with the Activity Log tool or the Download Your Information tool from Facebook.

Google AdWords User Lists, Google Dynamic Remarketing

Google AdWords User Lists and Google Dynamic Remarketing are products of Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland (‘Google’). Our website uses a pixel provided by Google that establishes a direct connection to the Google servers. The fact that you visited our website is transmitted to the Google server. Google links this information to a unique ID that is stored on your device in the form of a cookie or provided by your device (advertising ID on smartphones). If you visit other websites that also use Google AdWords User Lists or Google Dynamic Remarketing, this information will also be linked to your unique ID. However, we cannot see what other websites you visit.

Objection and opt-out

You can object to the use of retargeting tools on our website for one or more tools at any time. Please use the following links:

Opt-Out „Facebook Custom Audience” / „Facebook Pixel”

Opt-Out „Google AdWords User Lists“ / „Google Dynamic Remarketing“

We store one opt-out cookie per tool with an unlimited validity period on your respective end device. If you use our website with several end devices, you must object to the use of retargeting tools on each end device, as we cannot assign multiple end devices to individual visitors. With your objection the integration of the described pixels does not occur, and there is no data exchange with Facebook or Google.

In addition, you can disable the use of personalised advertising directly on the advertising networks. Information on this can be found, for example, directly on the Google and Facebook websites.

 

XIII LinkedIn Insight-Tag

Type and scope of processing

We use the LinkedIn Insight Tag from LinkedIn Corporation, Sunnyvale, California, USA, to create target groups, categorise website visitor groups, determine conversion rates and subsequently optimise them. This takes place, in particular, when you interact with advertisements that we have placed with LinkedIn Corporation. To do this, LinkedIn Corporation provides retargeting for website visitors to display targeted advertisements outside of our website.

The LinkedIn Insight Tag collects data about visits to our website, including URL, referrer URL, IP address, device and browser properties (user agent), and timestamp. This data is used to present anonymised reports on the website’s target group and the performance of advertisements.

Purpose and legal basis

We process your data using the LinkedIn Insight Tag in order to optimise our website and for marketing purposes on the basis of your consent pursuant to Article 6, paragraph 1, point (a), of the General Data Protection Regulation (GDPR).

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by LinkedIn Corporation. Further information can be found in the privacy policy for the LinkedIn Insight Tag: www.linkedin.com/legal/privacy-policy.

 

XIV Data security

Unfortunately, the transmission of information via the Internet is never 100% secure, which is why we cannot guarantee the security of the data transmitted to our website via the Internet.

However, we protect our website through technical and organisational measures against the loss, destruction, access, modification or dissemination of your data by unauthorised persons.

In particular, your personal data is transmitted in encrypted form. We use the SSL/TLS (Secure Sockets Layer/ Transport Layer Security) encoding system. In addition, we offer you the option of using SubmitBox from FTAPI for simple and secure data transmission. Our security measures are enhanced on an ongoing basis to reflect technological developments.

 

XV Rights of the data subject

Insofar as you are a data subject as defined in Article 4, paragraph 1 GDPR, you have the following rights regarding the processing of your personal data according to the GDPR. The legal text of the rights listed below can be found at

www.bfdi.bund.de/SharedDocs/Publikationen/Infobroschueren/INFO6.html.

Right to confirmation and information

Under the conditions of Article 15 GDPR, you have the right to request confirmation as to whether personal data relating to you is processed and to obtain, at any time and free of charge, information from the controller about the stored personal data relating to you and a copy of this information.

Right to rectification

Under the conditions of Article 16 GDPR, you have the right to demand the immediate rectification of incorrect personal data concerning you. Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

Right to erasure

Under the conditions of Article 17 GDPR, you have the right to demand that the personal data concerning you be deleted immediately, provided that one of the reasons stated in Article 17 GDPR applies and insofar as processing is not necessary.

Right to restriction of processing

Under the conditions of Article 18 GDPR, you have the right to request the restriction of processing if one of the conditions specified in Article 18 GDPR applies.

Right to data portability

Under the conditions of Article 20 GDPR, you have the right to receive the personal data concerning you that you have provided to us in a structured, current and machine-readable format, and you have the right to transmit this data to another person responsible without our interference, provided that the other conditions of Article 20 GDPR are met.

Right to withdraw consent

You have the right to revoke your consent to the processing of personal data given to us at any time with effect for the future. Please use the contact data indicated above to submit your revocation.

Right to object

Under the conditions of Article 21 GDPR, you have the right to object at any time to the processing of personal data concerning you. If the conditions for an effective objection are met, we may no longer process the data.

Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right of appeal to a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you believe that the processing of personal data relating to you infringes upon the provisions of the GDPR.

 

XVI Passing on of personal data

Your personal data will be passed on as described below.

The website is hosted by an external service provider in Germany. We ensure that data processing only takes place in Germany. This is necessary for the operation of the website, as well as for the establishment, implementation and processing of the existing user contract, and is also possible without your consent.

In addition, data is passed on if we are entitled or obliged to pass on data on the basis of legal regulations and/or official or court orders. In particular, this may involve providing information for law enforcement, security purposes or the enforcement of intellectual property rights.

Insofar as your data is passed on to service providers to the required extent, they only have access to your personal data to the extent necessary to fulfil their tasks. These service providers are obliged to treat your personal data in accordance with the applicable data protection laws and the GDPR in particular.

Beyond the aforementioned circumstances, we will not pass on your data to third parties without your consent. In particular, we do not pass on any personal data to bodies in third countries or international organisations.

 

XVII Storage period for personal data

With regard to the storage period, we delete personal data as soon as it is no longer required for the fulfilment of the original purpose and there is no legal retention period. The legal retention periods are ultimately the criterion for the final duration of the storage of personal data. After expiry of this period, the corresponding data is routinely deleted. If there are retention periods, processing is restricted by blocking the data.

 

XVIII References and links

When you access Internet pages referred to on our website, you may be asked again for information such as your name, address, email address, browser properties, etc. This data privacy policy does not regulate the collection, transfer or handling of personal data by third parties.

Third-party service providers can have different and individual regulations with regard to handling the collection, processing and use of personal data. It is therefore recommended to inform yourself on the websites of third parties about their practices for handling personal data before entering any personal data.

 

XIX Changes to the data privacy policy

We are constantly developing our website to provide you with an increasingly better service. We shall keep this data privacy policy up to date and adapt it accordingly if and insofar as this should become necessary.

We will, of course, inform you in good time of any changes to this data privacy policy. We will do this, for example, by sending an email to the email address you have provided to us. Should further consent be required from you with regard to our handling of your data, we will obtain this from you before such changes take effect.

You can access the current version of our data protection provisions at any time on the Internet at https://apostrophgroup.de/en/data-protection.

 

XX Data protection officer

If you have any questions regarding data protection, please contact our data protection officer.

Mein-Datenschutzbeauftragter.de

Herr Philipp Herold

Hafenstrasse 1a

23568 Lübeck, Germany

email: philipp.herold@hub24.de

 

Last updated: 01.04.2022

Achieving goals together

  • Your projects in the best hands

    We work with single points of contact. As a result, you will be looked after by a highly experienced contact person who takes your needs into account and keeps you up to date at all times.
  • Certified security

    Both our information security and our quality management are ISO certified, which guarantees secure processes.
  • A spirit of partnership

    We have long-standing partnerships with many of our clients. In addition to quality, they appreciate our values such as reliability, transparency and fairness.