LÖSUNG|N

Privacy Policy

1. Data protection

General information

The following information gives a brief overview of what happens to your personal data when you visit this website. Personal data is any information that can be used to identify you. Detailed information can be found in the privacy notice below.

Data collection on this website

Who is responsible for data processing on this website?

Data processing is carried out by the website operator. The operator’s contact details can be found in the section “Information on the controller” in this privacy notice.

How do we collect your data?

Some data is provided by you, for example when you enter it in the contact form.

Other data is collected automatically or with your consent when you visit the website. This mainly concerns technical data (browser, operating system, time of access). This data is collected automatically as soon as you access the site.

What do we use your data for?

Part of the data is needed to ensure the website runs correctly. Other data may be used to analyze user behavior. If the website allows contracts to be initiated or concluded, the transmitted data is also processed for offers, orders, or service requests.

What rights do you have?

You have the right at any time, free of charge, to obtain information about the origin, recipient, and purpose of your stored personal data. You can request rectification or erasure. If processing is based on consent, you can withdraw it with effect for the future. You may also request restriction of processing in certain cases, and you have the right to lodge a complaint with the competent supervisory authority.

You can contact us at any time about these rights or any other data-protection questions.

Analytics and third-party tools

When you visit this website, your usage may be statistically evaluated. This is mainly done with analytics tools. Details can be found in the privacy notice below.

2. Hosting

We host our website with the following provider:

IONOS

Provider: IONOS SE, Elgendorfer Str. 57, 56410 Montabaur (“IONOS”). When you visit our website, IONOS collects various log files, including your IP address.

Details can be found in the provider’s privacy notice (see IONOS privacy notice).

The use of IONOS is based on Art. 6(1)(f) GDPR. We have a legitimate interest in the most reliable possible presentation of our website. Where consent has been requested, processing is carried out solely based on Art. 6(1)(a) GDPR and Section 25(1) TDDDG, insofar as consent includes the storage of cookies or access to information on the user’s device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be withdrawn at any time.

Commissioned data processing

We have concluded a data processing agreement (DPA) with IONOS. This agreement ensures that IONOS processes personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

3. General information and mandatory notices

Data protection

We take the protection of your personal data very seriously. We treat your data confidentially and in line with the applicable data protection laws and this privacy notice.

When you use this website, various personal data is collected. Personal data is any information that can be used to identify you. This privacy notice explains what data we collect, how we use it, and for what purposes.

Please note that data transmission on the internet (e.g. email communication) may have security gaps. Complete protection of data against access by third parties is not possible.

Information on the controller

The controller responsible for data processing on this website is:

LÖSUNG N GmbH
Untere Königsstraße 44
34117 Kassel

Telefon: +49 (0) 561 / 22 07 64 10
E-Mail: info(at)loesung-n.de

The controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data (e.g. names, email addresses, etc.).

Storage period

Unless a more specific storage period is stated in this privacy notice, your personal data remains with us until the purpose of processing no longer applies. If you request to withdraw consent, we will delete the data unless we are legally entitled or obliged to keep it (e.g. retention periods under tax or commercial law). In such cases, the data will be deleted after the respective retention period has expired.

Legal bases for data processing on this website

Where you have given consent, we process your data based on Art. 6(1)(a) GDPR; for special categories of data, on Art. 9(2)(a) GDPR. If you have expressly consented to a transfer to a third country, processing is also based on Art. 49(1)(a) GDPR. If consent includes the storage of cookies or access to information on your device, processing is additionally based on § 25(1) TDDDG. You may withdraw consent at any time.

If data is necessary for the performance of a contract or pre-contractual measures, we process it on Art. 6(1)(b) GDPR. If we are subject to a legal obligation, Art. 6(1)(c) GDPR applies. Processing may also be carried out on the basis of our legitimate interest under Art. 6(1)(f) GDPR. The specific legal basis is indicated in the relevant sections below.

Data protection officer

We have appointed a data protection officer.
Email: datenschutz(at)loesung-n.de

Recipients of personal data

We work with external parties. Personal data is only transferred to such recipients if this is necessary for contract performance, if there is a legal obligation, if we have a legitimate interest in the transfer under Art. 6(1)(f) GDPR, or if another legal basis applies. When we use processors, this is done based on a data processing agreement (Art. 28 GDPR). In the case of joint processing, an agreement under Art. 26 GDPR is concluded.

Withdrawal of consent

Many processing operations are only possible with your explicit consent. You can withdraw consent at any time. The lawfulness of processing before the withdrawal remains unaffected.

4.1.13 Right to object (Art. 21 GDPR)

IF PROCESSING IS BASED ON ART. 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT, ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION, TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS.

WE WILL THEN NO LONGER PROCESS THIS DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS, OR THE PROCESSING SERVES TO ESTABLISH, EXERCISE OR DEFEND LEGAL CLAIMS (ART. 21(1) GDPR).

WHERE PERSONAL DATA IS PROCESSED FOR DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO SUCH PROCESSING; THIS ALSO APPLIES TO PROFILING INSOFAR AS IT IS RELATED TO SUCH DIRECT MARKETING.

IF YOU OBJECT TO PROCESSING FOR DIRECT MARKETING, YOUR PERSONAL DATA WILL NO LONGER BE USED FOR THESE PURPOSES (ART. 21(2) GDPR).

Right to lodge a complaint

You have the right to receive data which we process based on your consent or in performance of a contract in a structured, commonly used and machine-readable format, and to have it transmitted to another controller where technically feasible.

Right to data portability

Right of access, rectification and deletion

Within the scope of the applicable law, you have the right at any time to obtain information free of charge about your stored personal data, its origin, recipients and the purpose of processing, and, where applicable, a right to rectification or erasure. You can contact us at any time in this regard.

Right to restriction of processing

You have the right to request restriction of processing of your personal data if

you contest the accuracy of the data,

processing is unlawful and you request restriction instead of erasure,
we no longer need the data, but you require it for legal claims, or
you have objected under Art. 21(1) GDPR and a balancing of interests is pending.

If processing is restricted, this data – apart from storage – will only be processed with your consent or for the establishment, exercise or defense of legal claims, or to protect the rights of another person, or for reasons of important public interest.

SSL/TLS encryption

For security reasons and to protect the transmission of confidential content (e.g. orders or inquiries), this site uses SSL/TLS encryption. You can recognize an encrypted connection by “https://” and the padlock symbol in your browser. With SSL/TLS enabled, data you transmit to us cannot be read by third parties.

Note: This is a legally conforming, plain-English version; your local counsel can adapt it to your IONOS setup and to the latest TDDDG wording.

4. Data collection on this website

Cookies

Our website uses “cookies”. Cookies are small text files that are stored on your device and do not do any harm. Some cookies are only stored for the session (session cookies) and are deleted automatically when you leave the site. Other cookies remain on your device until you delete them, or your browser deletes them automatically (persistent cookies).

Cookies can be set by us (first-party cookies) or by third parties (third-party cookies). Third-party cookies make it possible to integrate services from other providers (e.g. payment and analytics).

Cookies serve different purposes. Some are technically necessary so that the website works (e.g. language settings, forms). Others are used to analyze usage or for marketing purposes.

Technically necessary cookies are stored on the basis of Art. 6(1)(f) GDPR. We have a legitimate interest in providing our website in a technically correct and optimized way. If we ask for your consent, processing is based on Art. 6(1)(a) GDPR and § 25(1) TDDDG; you can withdraw consent at any time.

You can set your browser to inform you about cookies, allow them only in individual cases, exclude them completely, or delete them when the browser is closed. If you deactivate cookies, parts of the website may not work properly.

Details on individual cookies and services are listed in this privacy notice.

Consent with Borlabs Cookie

We use the consent tool Borlabs Cookie from Borlabs GmbH, Rübenkamp 32, 22305 Hamburg, Germany.

When you visit our website, the cookie borlabs-cookie is stored in your browser. This cookie stores which consents you have given or withdrawn. This data is not passed on to Borlabs.

The data is stored until you ask us to delete it, delete the borlabs-cookie yourself, or the purpose for storage no longer applies. Statutory retention obligations remain unaffected. Details can be found here: (see Borlabs information page).

We use Borlabs Cookie to obtain legally required consents for cookies and comparable technologies. The legal basis is Art. 6(1)(c) GDPR.

You can change or withdraw your consent at any time via the cookie icon/preferences center on this website. If you withdraw consent, we delete or deactivate the affected cookies as far as technically possible.

Technically necessary cookies are not affected by this because they are required for operation.

Server log files

The provider of this website automatically collects and stores information in server log files that your browser automatically transmits to us. This includes:

browser type and version

operating system used
referrer URL
host name of the accessing device
time of the server request
IP address

This data is not combined with other data sources.

The collection of this data is based on Art. 6(1)(f) GDPR. We have a legitimate interest in the technically error-free presentation and optimization of our website; for this purpose, the server log files must be recorded.

Contact form

If you send us inquiries via the contact form, we store the data you provide (including contact data) to process the request and in case of follow-up questions. We do not pass this data on without your consent.

The legal basis is Art. 6(1)(b) GDPR if the request is connected to a contract or pre-contractual measures. Otherwise, the basis is our legitimate interest in effective processing of inquiries (Art. 6(1)(f) GDPR) or, if you consent, Art. 6(1)(a) GDPR. You can withdraw consent at any time.

We store the data until you ask us to delete it, withdraw consent, or the purpose for storage no longer applies. Statutory retention periods remain unaffected.

Inquiries by email, telephone or fax

If you contact us by email, phone, or fax, we store and process your inquiry and associated personal data to handle your request. We do not pass it on without your consent.

Processing is based on Art. 6(1)(b) GDPR if related to a contract or pre-contractual steps; otherwise on Art. 6(1)(f) GDPR or, where given, Art. 6(1)(a) GDPR. You can withdraw consent at any time.

Data remains with us until you request deletion, withdraw consent or the purpose no longer applies. Statutory retention periods remain unaffected.

5. Social media

This website uses the functions from the social network LinkedIn. Provider: LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

When a page with LinkedIn elements is loaded, a connection to LinkedIn’s servers is established. LinkedIn is informed that you visited our website with your IP address. If you click the LinkedIn “Recommend” button while logged in, LinkedIn can assign the visit to your account. As website operator we have no influence on the transmitted data or its further use.

Use of LinkedIn is based on your consent under Art. 6(1)(a) GDPR and § 25(1) TDDDG. You can withdraw consent at any time.

Data transfers to the US are based on the EU Commission’s Standard Contractual Clauses (SCCs) and on certification under the EU–US Data Privacy Framework (DPF). Details are available in LinkedIn’s privacy policy.

6. Analytics tools and advertising

Google Tag Manager

We use Google Tag Manager (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland). Tag Manager lets us load and manage analytics and marketing tools. It does not create user profiles, store cookies, or run its own analyses. It does, however, collect your IP address, which may be transferred to Google LLC in the USA.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in simple tool integration). If you have given consent, the basis is Art. 6(1)(a) GDPR and § 25(1) TDDDG. You can withdraw consent at any time. Google is certified under the EU–US Data Privacy Framework (DPF).

Google Analytics

This website uses Google Analytics. The tool enables us to analyze how visitors use the site (page views, dwell time, devices, regions). Google may also record mouse and scroll behavior and uses modeling/ML to complete data sets. For this, it uses technologies such as cookies or fingerprinting device. Data is generally sent to Google servers in the USA.

Legal basis: your consent, Art. 6(1)(a) GDPR and § 25(1) TDDDG. You can withdraw consent at any time.

IP anonymization is enabled, so your IP is shortened within the EU/EEA; only in exceptional cases is the full IP sent to the USA and shortened there. Google will not merge your IP with other Google data.

Opt-out: you can prevent tracking with the browser add-on: https://tools.google.com/dlpage/gaoptout?hl=en

Google Ads

We use Google Ads to place ads in Google Search and on partner sites. Ads can be shown based on search terms (keyword targeting) or on user data held by Google (audience targeting). We can evaluate which keywords triggered our ads and which ads were clicked.

Legal basis: consent, Art. 6(1)(a) GDPR and § 25(1) TDDDG. You can withdraw consent at any time. Transfers to the USA are based on SCCs and DPF.

Google Conversion-Tracking

We also use Google Conversion Tracking. It helps us see whether a user carried out a defined action after clicking an ad (e.g. sent a form). We receive statistics only; we cannot identify you personally. Google uses cookies or similar technologies for this.

Legal basis: consent, Art. 6(1)(a) GDPR and § 25(1) TDDDG. You can withdraw consent at any time. Details: https://policies.google.com/privacy

7. Plugins and tools

OpenStreetMap

We use map services from OpenStreetMap (OSM). The maps are provided by OpenStreetMap Foundation, St John’s Innovation Center, Cowley Road, Cambridge, CB4 0WS, United Kingdom. The UK is considered by the EU to offer an adequate level of data protection.

When you view an OSM map, a connection to OSM servers is established. In doing so, your IP address and information about your use of this website can be transmitted to OSM. OSM may store cookies or use similar technologies.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in a user-friendly, location-based presentation). If we ask for consent, processing is based on Art. 6(1)(a) GDPR and § 25(1) TDDDG. You can withdraw consent at any time.

Google reCAPTCHA

We use Google reCAPTCHA (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland). reCAPTCHA helps us determine whether data entered on the website comes from a human or an automated program. For this purpose, reCAPTCHA analyzes visitor behavior (e.g. IP address, time spent, mouse movements). This data is transmitted to Google. The analysis runs in the background.

Legal basis: Art. 6(1)(f) GDPR (protection of website and forms against abuse and spam). If consent was requested, Art. 6(1)(a) GDPR and § 25(1) TDDDG apply; consent can be withdrawn at any time.

Further information:

8. External Links

This website contains links to external, third-party sites (e.g. Google Maps). These links are identified as such. Once you click an external link, you leave the area for which we are responsible. From that point, data is processed under the responsibility of the respective provider. We have no influence on the scope and purpose of that processing.

Google Maps is provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Information on data processing: https://policies.google.com/privacy

9. Audio and Video Conferencing

Data processing

We use online conferencing tools to communicate with customers and partners. When you use such a tool, personal data is processed by us and by the provider. This includes the data you enter (name, email), metadata (duration, time, participants) and technical data (IP, device, OS, client version, camera/microphone data). If you upload or share content, this content is also stored by the tool provider.

We cannot fully control the provider’s own processing. Please also see the provider’s privacy policy.

Purpose and legal basis

We use conferencing tools to perform contracts or pre-contractual measures (Art. 6(1)(b) GDPR) and to enable fast, secure communication (Art. 6(1)(f) GDPR). If we ask for consent, Art. 6(1)(a) GDPR and § 25(1) TDDDG apply; consent can be withdrawn at any time.

Retention

Data that we store via the tools is deleted once the purpose no longer applies, or you request deletion, unless statutory retention periods apply. We have no influence on retention by the tool provider.

Tools used

We use the following conference tools

Microsoft Teams

Provider: Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland.
Privacy: https://privacy.microsoft.com/de-de/privacystatement

10. Own Services

Handling of applicant data

You can apply to us by email, by post, or via an online form. Below we explain how we process your personal data in the application process. We process your data in accordance with data protection law and confidentially.

Scope and purpose of processing

We process the data you send us (contact details, CV, certificates, interview notes, correspondence) to decide on the establishment of an employment relationship. Legal bases: § 26 BDSG (initiation of employment), Art. 6(1)(b) GDPR (pre-contractual measures) and, where applicable, Art. 6(1)(a) GDPR (consent). You can withdraw consent at any time. Within our organization, your data is only shared with people involved in recruiting.

If your application is successful, we store and process your data based on § 26 BDSG and Art. 6(1)(b) GDPR for the purpose of carrying out the employment relationship.

Retention period

If we do not hire you, if you decline an offer or withdraw your application, we store your data on the basis of our legitimate interests (Art. 6(1)(f) GDPR) for up to 6 months after the end of the application process. This serves as evidence in case of legal disputes. After that, the data is deleted, and physical documents are destroyed.

Longer storage takes place only if

you have consented to it (e.g. for inclusion in a talent pool), or
statutory retention obligations prevent deletion.