Information on data processing, legal bases and terminology

1.1. This data protection declaration clarifies the type, scope and purpose of the processing of personal data within our online offer and the websites, functions and contents connected with it (hereinafter jointly referred to as “website” or “online offer”). The privacy policy applies regardless of the domains, systems, platforms and devices (e.g. desktop or mobile) used to run the Website. For the area of our website aimed at applicants of Kylient and operated under /career (hereinafter referred to as the “Applicant Area”), there are supplementary regulations under Art. 12 of this Privacy Policy.

1.2. The terms used, such as ‘personal data’ or their ‘processing’, refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR).

1.3. The personal data of the users processed in the context of this online offer includes usage data (the visited websites of our online offer, access times), communication data (device IDs, IP addresses, location data, browser type and version, operating system used, website, from You visit us), content data (entries in the contact form) as well as applicant data (name, contact details, subject areas, application documents).

1.4. The term “user” covers all categories of persons affected by data processing. These include our business partners, customers, prospects, applicants and other visitors to our online offer. The terms used, such as “users” are to be understood gender-neutral.

1.5. We process personal data of users only in compliance with the relevant data protection regulations. This means that users’ data will only be processed if we have a legal permit. That is, especially if the data processing for the provision of our contractual services (eg processing of orders) as well as online services is required or required by law, the consent of the user exists, as well as our legitimate interests (ie interest in the analysis, optimisation and economic Operation and security of our online offer within the meaning of Art. 6 (1) lit. GDPR, in particular in the range measurement, creation of profiles for advertising and marketing purposes as well as collection of access data and use of the services of third-party providers).

1.6. Please note that the legal basis for the consent is Art. 6 para. 1 lit. a. and Art. 7 GDPR. The legal basis for processing for the purpose of fulfilling our services and implementing contractual measures is Art. 6 para. 1 lit. b. GDPR. The legal basis for processing for the purpose of fulfilling our legal obligations is Art. 6 para. 1 lit. c. GDPR and the legal basis for the processing to safeguard our legitimate interests is Art. 6 para. 1 lit. f. GDPR.

2.Safety measures

2.1. We take organisational, contractual and technical security measures in accordance with the state of the art to ensure that the provisions of the data protection laws are adhered to and in order to protect the data processed by us against accidental or intentional manipulation, loss, destruction or against access by unauthorised persons.
2.2 .The security measures include in particular the encrypted transmission of data between your browser and our server..

3.Disclosure of data to third parties and third parties

3.1. A transfer of data to third parties is only within the scope of legal requirements. We only pass on the data of the users to third parties if, for example, on the basis of Art. 6 para. 1 lit. b) GDPR is required for contract purposes or based on legitimate interests in accordance with Art. Art. 6 para. 1 lit. f. GDPR for efficient and effective operation of our business operations.

3.2. If we use subcontractors to provide our services, we will take appropriate legal precautions and appropriate technical and organisational measures to protect personal data in accordance with applicable law.

3.3 In the context of this Privacy Policy, if content, tools or other means are used by other providers (collectively referred to as “Third Party Providers” ) and their registered office is located in a third country, it can be assumed that the data will be transferred to the countries of residence of the third party providers. Third countries are to be understood as countries in which the GDPR is not directly applicable law, ie in principle, countries outside the EU or the European Economic Area. The transfer of data to third countries occurs either when there is an adequate level of data protection, user consent or other legal authorization.