Responsible body in terms of data protection laws and operator of the website https://toworkingermany.com.ua is:
freelance.de Services GmbH
Nymphenburger Str. 70
D-80335 München
Legal form: GmbH
Commercial Register of the Munich Local Court, HRB no.: 163005
VAT ID: DE250307683
Managing directors: Mario Bahnert, Stefan Oberdörfer
If you have any questions about data protection, wish to exercise your rights as a data subject or wish to withdraw consent, you can contact our data protection officer Mario Bahnert at datenschutz@freelance-services.de or on +49 89 215378-222.
(Note: In order not to impair the flow of reading, only the masculine form is mentioned here and in the following explanatory text, but the feminine and other forms are always equally meant).
You can only effectively consent to the collection, processing and use of your data when you reach the age of majority and have legal capacity. For this reason, the operator cannot store your data on this website if you are not yet 18 years old. By submitting this privacy policy, you declare that you are legally competent after reaching the age of majority. Parents or guardians are responsible for protecting the privacy of their children.
The operator processes your data for these purposes (Art. 13 para. 1c GDPR):
The processing of your data is based on the following legal grounds:
The operator only handles personal data insofar as this is possible in accordance with data protection regulations. In doing so, he endeavours to take all necessary technical and organisational security measures to adequately protect your personal data from unauthorised access and misuse at all times.
Insofar as personal data is stored or processed, this is done within a high-security computer centre. To protect the security of your data during transmission, a state-of-the-art encryption method (e.g. SSL) is used via HTTPS. The servers are secured by means of a firewall and virus protection. Back-up and recovery procedures as well as role and authorisation concepts are a matter of course.
The operator’s employees are obliged to observe the regulations of the German Telemedia Act (TMG), the German Telecommunications Act (TKG), the new Federal Data Protection Act and the GDPR when handling data.
The personal data stored by the operator could be disclosed to the following recipients or categories of recipients (Art. 13 para. 1 lit. e GDPR):
Your personal data will be processed by us internally by the responsible department(s). These are:
In addition, we have commissioned service providers (so-called order processors). These are carefully selected and checked by us. In addition, we conclude an order processing contract (OPC contract) with each service provider. Our service providers are:
In order to carry out your request or to fulfil a legal obligation, it is necessary to pass on your personal data to third parties named below:
Data is only transmitted to third parties in the cases prescribed by law, insofar as this is necessary to provide the contractual services by transmitting your data to other users (e.g. when using the following features: Application, messaging or recommendation of projects and profiles) or for the processing of payments by an external payment service provider is required.
If, in the course of our processing, we disclose data to other persons and companies (processors or third parties), transmit it to them or otherwise grant them access to the data, this will only be done on the basis of a legal permission that you have consented to, a legal obligation provides for this or on the basis of our legitimate interests.
If we commission third parties with the processing of data on the basis of a so-called “order processing agreement”, this is done on the basis of Art. 28 GDPR.
When processing your personal data, it is not transmitted to countries outside the EU or EEA or service providers from countries outside the EU or EEA (so-called third countries) cannot access your personal data (Art. 13 para. 1 lit. f GDPR). Exceptions are integrated services and contents of third parties (e.g. payment service providers, Google services), here transmission to third countries cannot be excluded. Further information on the transmission of data to third countries and third parties can be found in the respective chapters.
If we process data in a third country (i.e. outside the European Union (EU), the European Economic Area (EEA)) or if this is done in the context of using third-party services or disclosing or transmitting data to other persons or companies, this is only done if it is done to fulfil our (pre-)contractual obligations, on the basis of your consent, due to a legal obligation or on the basis of our legitimate interests. Subject to express consent or contractually required transmission, we only process or have data processed in third countries with a recognised level of data protection or on the basis of special guarantees, such as contractual obligation through so-called standard protection clauses of the EU Commission, the existence of certifications or binding internal data protection regulations (Art. 44 to 49 GDPR).
The operator does not create personal user profiles of toworkingermany.com.ua users.
However, when accessing toworkingermany.com.ua, information of a general nature is automatically collected and stored in log files. This information (e.g. application logs, web server logs, audit logs, mail logs, deletion report) includes, for example, all IP addresses accessing the server as well as information about its operating system, the browser used, the referrer URL (i.e. the website from which you came), the time of access and similar. In particular, they are processed for the following purposes:
The processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website.
Recipients of the data may be technical service providers who act as order processors for the operation and maintenance of our website.
The data is deleted as soon as it is no longer required for the purpose for which it was collected. This is generally the case for data that serves the provision of the website when the respective session has ended. The general log files are stored for a period of six weeks. Audit logs are created in the context of payment transactions and stored in encrypted form for a period of 12 months (PCI-DSS certification requirement).
The provision of the aforementioned personal data is neither legally nor contractually required. However, without the IP address, the service and functionality of our website is not guaranteed. In addition, individual services and services may not be available or may be restricted. For this reason, an objection is excluded.
This website does not use “cookies” or “local storage” (also “local data” and “local storage”).
If you contact us by e-mail or contact form, the information you provide will be stored and processed for the purpose of processing the individual enquiry and for possible follow-up questions.
The processing of the data entered in the contact form is based on a legitimate interest (Art. 6 para. 1 lit. f GDPR).
By providing the contact form, we would like to enable you to contact us in a straightforward way. The information you provide will be stored for the purpose of processing the enquiry and for possible follow-up questions.
If you contact us to request a quote, the data entered in the contact form will be processed to carry out pre-contractual measures (Art. 6 para. 1 lit. b GDPR).
The provision of your personal data is voluntary. However, we can only process your request if you provide us with your name, e-mail address and the reason for the request.
We hereby expressly object to the use of published contact data by third parties for the purpose of sending unsolicited advertising and information material. The operator of the website expressly reserves the right to take legal action in the event of the unsolicited sending of advertising information, for example through spam e-mails.
The operator uses software services accessible via the Internet (so-called “cloud services”, also referred to as “Software as a Service (SaaS)”) for the following purposes: Document storage and management, calendar management, e-mailing, spreadsheets and presentations, sharing documents, content and information with specific recipients or publishing other content, as well as internal and external chats and participation in audio and video conferences.
The software services used by the operator for these purposes are provided by the provider(s) named below on their servers. In this context, personal data may be processed and stored on the servers of the providers to the extent that these are part of communication processes with the operator or are otherwise processed by the operator as set out in the context of this privacy policy. This data may include, in particular, master data and contact data of users, data on transactions, contracts, other processes and their contents. Cloud service providers also process usage and metadata to secure their servers and optimise their services.
The operator points out that, depending on the location of the provider named below, the data named in more detail below may be transmitted to and processed on servers outside the European Union. In this case, there is a risk that the level of data protection prescribed by the GDPR will not be complied with and that the enforcement of your rights will not be possible or will be difficult. If the provider used by the operator offers to process the data exclusively within the EU, the operator intends – if currently not already implemented – to process your data exclusively there.
The processing of data required for the performance of contracts and pre-contractual enquiries is based on Art. 6 para. 1 lit. b GDPR. The processing of further data is based on a legitimate interest (Art. 6 para. 1 lit. f GDPR).
Microsoft Cloud services:
Privacy policy: https://privacy.microsoft.com/de-de/privacystatement
5.1. Deletion or blocking of data
The operator adheres to the principles of data avoidance and data economy and therefore only stores your personal data for as long as is necessary to achieve the purposes stated here or as stipulated by the various storage periods set by the legislator. If you have given us your consent, we will store your data until you revoke your consent.
After the respective purpose has ceased to exist or these periods have expired, the corresponding data is routinely blocked or deleted in accordance with the statutory provisions. In the following overview you will find our deletion periods for personal data:
| Type of data | Examples | Deletion deadlines | Comment |
|---|---|---|---|
| Log data general | Application logs, web server logs, mail logs, etc. | 6 weeks | |
| Data for contact and contact form | Name, e-mail address, etc. | 12 weeks | Data will be deleted no later than 12 weeks after the request has been processed. If a contractual relationship arises, we are subject to the statutory retention periods according to the German Commercial Code (HGB) and delete your data after these periods have expired. |
| Applicant data and application documents | Name, address, e-mail address, CV, certificates, picture, etc. | 6 months | Relevant for job advertisement of toworkingermany.com.ua (see Data will be deleted no later than 6 months after the end of the application process. |
| Data relevant under commercial law or tax law | Invoices & accounting vouchers, business letters, etc. | 10 years | Legal requirements: § 257 German Commercial Code, § 147 tax code as well as § 14b VAT Act |
| Data relevant under commercial law or tax law | Commercial letters (excluding incoming and outgoing invoices), business letters, e-mails and other digital documents | 6 years | Legal requirements: § 257 German Commercial Code, § 147 tax code as well as § 14b VAT Act |
You have the right to receive information about all of your personal data stored by the operator (in accordance with Art. 15 GDPR). Alternatively, you can contact the operator with questions about your right to information and the data stored about you (see “Operator”).
You have the right to object to the display of your data on https://toworkingermany.com.ua.
To exercise your right to object to processing (Art. 21 GDPR), please contact us (see “Operator”).
You can make changes or revoke consent at any time by notifying the operator with effect for the future (Art. 7 para. 3). To do so, please contact us (see “Operator”).
You can lodge a complaint with the supervisory authority responsible for you at any time (Art. 77 GDPR). Your competent supervisory authority depends on the federal state of your residence. A list of the supervisory authorities (for the non-public sector) with address can be found at:
https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html
For rectification (Art. 16 GDPR) or erasure of data (Art. 17 GDPR), restriction of processing (Art. 18 GDPR) or the right to data portability (Art. 20 GDPR), please contact us (see “Operator”). The use of toworkingermany.com.ua is then only possible to a limited extent.
Experience shows that the legal situation regarding data protection is subject to regular reforms, to which the privacy policy may also have to be adapted. The content of this offer is also subject to constant changes and further developments. The operator therefore reserves the right to adapt this privacy policy accordingly. In addition, you should visit this website at regular intervals to inform yourself about possible changes to the privacy policy and other terms of use on this website. The new privacy policy will then apply to your next visit.
© 2023 ToWorkinGermany. All Rights Reserved