Loading (custom)...

سياسة الخصوصية وحماية البيانات

سياسة الخصوصية لشركة Brightest GmbH

إصدار 2.0, صالح من تاريخ 2021-01-15

ملاحظة أولية: تمت ترجمة سياسة الخصوصية هذه من الألمانية. في حالة فهم مشكلات ، يتم تطبيق النسخة الألمانية دائمًا على سبيل الأولوية!

نحن سعداء للغاية باهتمامك بشركتنا. حماية البيانات ذات أهمية خاصة لإدارة Brightest GmH ، برلين. يمكن استخدام صفحات الإنترنت الخاصة بنا دون أي إشارة إلى البيانات الشخصية. ومع ذلك ، إذا رغب صاحب البيانات في استخدام خدمات خاصة لشركتنا عبر موقعنا الإلكتروني ، فقد تكون معالجة البيانات الشخصية ضرورية. إذا كانت معالجة البيانات الشخصية ضرورية ولا يوجد أساس قانوني لهذه المعالجة ، فإننا نحصل عمومًا على موافقة صاحب البيانات.

تتم معالجة البيانات الشخصية ، مثل الاسم أو العنوان البريدي أو عنوان البريد الإلكتروني أو رقم الهاتف لصاحب البيانات ، دائمًا وفقًا للائحة العامة لحماية البيانات (GDPR) ووفقًا للوائح حماية البيانات الخاصة بكل بلد. ينطبق علينا. من خلال إعلان حماية البيانات هذا ، نود إبلاغ الجمهور بطبيعة البيانات الشخصية التي نجمعها ونستخدمها ونعالجها ونطاقها والغرض منها. بالإضافة إلى ذلك ، يتم إبلاغ أصحاب البيانات بحقوقهم من خلال إعلان حماية البيانات هذا.

قامت شركة Brightest GmH ، برلين ، بصفتها المتحكم ، بتنفيذ العديد من الإجراءات الفنية والتنظيمية لضمان الحماية الكاملة للبيانات الشخصية التي تتم معالجتها عبر هذا الموقع. ومع ذلك ، يمكن أن تحتوي عمليات نقل البيانات عبر الإنترنت بشكل عام على فجوات أمنية ، لذلك لا يمكن ضمان الحماية المطلقة. لهذا السبب ، فإن أي موضوع بيانات له الحرية في إرسال البيانات الشخصية إلينا بوسائل بديلة ، على سبيل المثال عبر الهاتف.

1. تعريفات

يعتمد إعلان حماية البيانات هذا لشركة Brightest GmbH ، برلين على المصطلحات المستخدمة في اللائحة العامة لحماية البيانات (GDPR). يجب أن تكون سياسة الخصوصية الخاصة بنا سهلة القراءة والفهم للجمهور وكذلك لعملائنا وشركائنا في العمل. لضمان ذلك ، نود أن نشرح بعض المصطلحات المحددة مسبقًا
نحن نستخدم المصطلحات التالية ، من بين أمور أخرى ، في سياسة الخصوصية هذه:

  • a) بيانات شخصية

    Personal تشير البيانات الشخصية إلى أي معلومات تتعلق بشخص طبيعي محدد أو قابل للتحديد (يشار إليه فيما يلي باسم "موضوع البيانات"). يُعتبر الشخص الطبيعي قابلاً للتحديد عندما يمكن التعرف عليه بشكل مباشر أو غير مباشر ، ولا سيما من خلال الارتباط بتعريف مثل الاسم أو رقم التعريف أو الموقع أو المعرف عبر الإنترنت أو واحد أو أكثر من الخصائص المحددة التي تمثل تعبيرًا عن الخصائص الفيزيائية والفسيولوجية ، الهوية الجينية أو النفسية أو الاقتصادية أو الثقافية أو الاجتماعية لذلك الشخص الطبيعي.

  • b) موضوع البيانات

    يشير موضوع البيانات إلى أي شخص طبيعي محدد أو قابل للتحديد تتم معالجة بياناته الشخصية بواسطة وحدة التحكم.

  • c) المعالجة

    تشير المعالجة إلى أي عملية أو سلسلة من العمليات التي يتم تنفيذها بمساعدة أو بدون مساعدة الإجراءات الآلية فيما يتعلق بالبيانات الشخصية مثل الجمع أو التسجيل أو التنظيم أو الطلب أو التخزين أو التكييف أو التعديل أو القراءة أو الاستعلام أو الاستخدام أو الكشف عن طريق الإرسال أو النشر أو أي شكل آخر من أشكال الحكم أو المقارنة أو الربط أو التقييد أو الحذف أو الإتلاف.

  • d) تقييد المعالجة

    تقييد المعالجة هو وضع علامة على البيانات الشخصية المخزنة بهدف تقييد معالجتها في المستقبل.

  • e) مراقب البيانات (مراقب)

    يشير مراقب البيانات إلى الشخص الطبيعي أو الاعتباري أو السلطة العامة أو الوكالة أو أي هيئة أخرى تقرر ، بمفردها أو بالاشتراك مع آخرين ، أغراض ووسائل معالجة البيانات الشخصية. عندما يتم تحديد أغراض ووسائل هذه المعالجة بموجب قانون الاتحاد أو قانون الدول الأعضاء ، يجوز توفير المراقب أو المعايير المحددة لترشيحه بموجب قانون الاتحاد أو قانون الدول الأعضاء.

  • f) المعالج

    يشير المعالج إلى الشخص الطبيعي أو الاعتباري أو السلطة العامة أو الوكالة أو أي هيئة أخرى تعالج البيانات الشخصية نيابة عن المتحكم.

  • g) المستلمون

    يشير المتلقي إلى الشخص الطبيعي أو الاعتباري أو السلطة العامة أو الوكالة أو أي هيئة أخرى يتم الكشف عن البيانات الشخصية لها ، سواء كانت طرفًا ثالثًا أم لا. ومع ذلك ، لا يجوز اعتبار السلطات التي قد تتلقى بيانات شخصية في إطار تفويض تحقيق محدد بموجب قانون الاتحاد أو الدول الأعضاء مستلمين.

  • h) الطرف الثالث

    يشير الطرف الثالث إلى الشخص الطبيعي أو الاعتباري أو السلطة العامة أو الوكالة أو أي هيئة أخرى غير موضوع البيانات والمراقب والمعالج والأشخاص المصرح لهم بمعالجة البيانات الشخصية تحت المسؤولية المباشرة لوحدة التحكم أو المعالج./p>

  • i) موافقة

    تشير الموافقة إلى أي بيان نوايا يتم تقديمه تطوعيا من قبل صاحب البيانات بطريقة مستنيرة وواضحة ، في شكل إعلان أو أي عمل إيجابي آخر لا لبس فيه يشير فيه صاحب البيانات إلى موافقته على معالجة البيانات الشخصية المتعلقة به.

2. اسم وعنوان وحدة التحكم

الشخص المسؤول عن أغراض اللائحة العامة لحماية البيانات وقوانين حماية البيانات الأخرى السارية في الدول الأعضاء في الاتحاد الأوروبي والأحكام الأخرى ذات طبيعة حماية البيانات هي:

  • Brightest GmbH
  • Lehmbruckstr. 18
  • 10245 Berlin
  • Tel.: +49 (0) 176 7074 2936
  • E-Mail: info@brightest.org
  • Website: www.brightest.org

3. اسم وعنوان المشرف على حماية البيانات

مسؤول حماية البيانات للمراقب هو:

  • Günter Hilgers
  • EcoVisio GmbH
  • Rheinwerkalle 3
  • 53227 Bonn
  • E-Mail: dataprotection@brightest.com

يمكن لأي موضوع بيانات الاتصال بمسؤول حماية البيانات لدينا مباشرة في أي وقت لطرح أي أسئلة أو اقتراحات بخصوص حماية البيانات.

4. تفاصيل الاتصال بالسلطة الإشرافية

# مستخدم ، (2) نظام التشغيل المستخدم بواسطة نظام الوصول ، (3) موقع الويب الذي يصل منه نظام الوصول إلى موقعنا على الويب (ما يسمى بالإحالات) ، (4) مواقع الويب الفرعية ، التي يتم الوصول إليها عبر نظام الوصول على موقعنا ، (5) تاريخ ووقت الوصول إلى موقع الويب ، (6) عنوان بروتوكول الإنترنت (عنوان IP) ، (7) مزود خدمة الإنترنت لنظام الوصول والبيانات الأخرى (8) البيانات الأخرى ، والتي مصممة لمنع الهجمات على أنظمة تكنولوجيا المعلومات لدينا.
عند استخدام هذه البيانات والمعلومات العامة ، لا نستخلص أي استنتاجات حول الشخص المعني. هذه المعلومات مطلوبة فقط من أجل (1) تسليم محتويات موقعنا بشكل صحيح ، (2) لتحسين محتوى موقعنا والإعلان عنه ، (3) لضمان التشغيل طويل الأمد لأنظمة تكنولوجيا المعلومات لدينا و التكنولوجيا الخاصة بموقعنا ، و (4) تزويد السلطات المسؤولة عن إنفاذ القانون بالمعلومات اللازمة في حالة وقوع هجوم إلكتروني. لذلك نقوم بتحليل هذه البيانات والمعلومات التي تم جمعها بشكل مجهول لأسباب إحصائية ولغرض زيادة حماية البيانات وأمن البيانات في شركتنا ، من أجل ضمان المستوى الأمثل من الحماية للبيانات الشخصية التي نعالجها. يتم تخزين البيانات المجهولة لملفات سجل الخادم بشكل منفصل عن جميع البيانات الشخصية المقدمة من صاحب البيانات.

تشفير SSL

لأسباب أمنية ولحماية نقل المحتوى السري ، مثل الطلبات التي ترسلها إلينا كمشغل للموقع ، يستخدم هذا الموقع تشفير Secure Socket Layer (SSL). يمكنك التعرف على اتصال مشفر عن طريق تغيير سطر عنوان المتصفح من & ldquo؛ http: // & rdquo؛ إلى & ldquo ؛ https: // & rdquo ؛ ومن خلال رمز القفل في خط المتصفح الخاص بك. إذا تم تمكين تشفير SSL ، فلا يمكن لأي طرف ثالث قراءة البيانات التي ترسلها إلينا.

5. تعريف الارتباط

ملف تعريف الارتباط هو سجل صغير يتم تخزينه على جهازك ويحتوي على بيانات مثل. إعدادات الصفحة الشخصية وبيانات الاعتماد. يتم إنشاء هذا السجل وإرساله إليك بواسطة خادم الويب الذي أنشأت به اتصالاً عبر متصفح الويب الخاص بك. بشكل عام ، نستخدم ملفات تعريف الارتباط لتحليل الاهتمام بمواقعنا الإلكترونية ولتحسين إمكانية استخدام مواقعنا. يمكنك أيضًا الوصول إلى مواقعنا الإلكترونية بدون ملفات تعريف الارتباط. إذا كنت ترغب في استخدام مواقعنا الإلكترونية بالكامل أو بشكل ملائم ، يجب عليك قبول ملفات تعريف الارتباط التي تتيح استخدام وظائف معينة أو تجعل الاستخدام أكثر ملاءمة. يمكن العثور على أغراض ملفات تعريف الارتباط التي نستخدمها في إدارة الموافقة عند الاتصال الأول بموقعنا على الويب أو بعد ذلك عن طريق استدعاء التحكم في خدمات ملفات تعريف الارتباط ضمن & quot؛ ملفات تعريف الارتباط & quot؛ على موقعنا. باستخدام مواقعنا الإلكترونية ، يُطلب منك الموافقة على استخدام ملفات تعريف الارتباط ، طالما أنها ليست ضرورية للتشغيل السليم للموقع. يمكنك أن تقرر ما إذا كنت ستوافق على استخدام ملفات تعريف الارتباط رهنا بالموافقة في إدارة الموافقة على موقعنا. لديك أيضًا خيار إعداد متصفحك بحيث يتم عرض ملفات تعريف الارتباط قبل تخزينها ، أو قبول ملفات تعريف ارتباط معينة فقط أو رفضها ، أو رفض ملفات تعريف الارتباط بشكل عام. نود أن نشير إلى أن تغييرات الإعدادات في المتصفح تؤثر فقط على المتصفح المعني. إذا كنت تستخدم مستعرضات مختلفة أو قمت بتغيير الجهاز ، فيجب إعادة الإعدادات مرة أخرى. بالإضافة إلى ذلك ، يمكنك حذف ملفات تعريف الارتباط من وسيط التخزين الخاص بك في أي وقت.

للحصول على معلومات حول إعدادات ملفات تعريف الارتباط وتعديلها وحذف ملفات تعريف الارتباط ، يرجى الرجوع إلى وظيفة المساعدة في متصفح الويب الخاص بك. فيما يلي الأنواع الأكثر شيوعًا من ملفات تعريف الارتباط الموضحة لفهمك:

5.1 جلسة ملف تعريف الارتباط

أثناء نشاطك على صفحة ويب ، يتم وضع ملف تعريف ارتباط الجلسة مؤقتًا في ذاكرة الكمبيوتر الخاص بك ، حيث يتم تخزين معرف الجلسة ، على سبيل المثال ، لمنعك من تسجيل الدخول مرة أخرى في كل مرة تقوم فيها بفصل الصفحة. يتم حذف ملفات تعريف الارتباط الخاصة بالجلسة عند تسجيل الخروج أو انتهاء صلاحيتها عند انتهاء الجلسة تلقائيًا.

5.2 ملفات تعريف الارتباط الدائمة او الخاصة بالبروتوكول

يخزن ملف تعريف الارتباط الدائم أو البروتوكول ملفًا على جهاز الكمبيوتر الخاص بك خلال الفترة الزمنية المنصوص عليها في تاريخ انتهاء الصلاحية. تعمل ملفات تعريف الارتباط هذه على تذكير مواقع الويب بمعلوماتك وإعداداتك في زيارتك القادمة. ينتج عن هذا وصول أسرع وأكثر ملاءمة ، حيث لا يتعين عليك إعادة ضبط إعدادات اللغة الخاصة بك لبوابتنا. عند انتهاء تاريخ انتهاء الصلاحية ، يتم حذف ملف تعريف الارتباط تلقائيًا عند زيارة موقع الويب الذي تم إنشاؤه.

5.3 ملفات تعريف ارتباط الطرف الثالث

تأتي ملفات تعريف ارتباط الطرف الثالث من مزودي خدمات بخلاف مشغل موقع الويب. على سبيل المثال ، يمكن استخدامها لجمع معلومات للإعلان والمحتوى المخصص وإحصاءات الويب.

5.4 ملفات تعريف الارتباط الفلاش

يتم تخزين ملفات تعريف الارتباط الفلاش كعناصر بيانات من مواقع الويب على جهاز الكمبيوتر الخاص بك عندما يتم تشغيلها باستخدام Adobe Flash. ملفات تعريف الارتباط الفلاش ليس لها حد زمني.

5.5 معالجة بياناتك في الولايات المتحدة الأمريكية

إذا سمحت بجميع ملفات تعريف الارتباط ، فأنت توافق أيضًا على ما يتوافق مع الفن. 49 ثانية. 1 أشعل اللائحة العامة لحماية البيانات التي ستتم معالجة بياناتك في الولايات المتحدة الأمريكية. تعتبر محكمة العدل الأوروبية الولايات المتحدة دولة ذات مستوى حماية غير كافٍ وفقًا لمعايير الاتحاد الأوروبي. على وجه الخصوص ، هناك خطر أن تتم معالجة بياناتك من قبل السلطات الأمريكية لأغراض المراقبة والمراقبة ، ربما دون أي تعويض من جانبك.

5.6 موافقة ملف تعريف الارتباط مع Klaro! مدير الموافقة
5.6.1 الوصف والغرض من معالجة البيانات

من أجل التحكم في استخدام ملفات تعريف الارتباط ، يتم تنفيذ أداة الموافقة على ملفات تعريف الارتباط على موقع الويب (يشار إليها فيما يلي بـ: Klaro!). كلارو! يتم توفيره من قبل KIProtect GmbH ، Bismarckstr. 10 و - 12 ، 10625 برلين كأداة مفتوحة المصدر ويتم تشغيلها بواسطتنا. كلارو! تشرح قائمة ملفات تعريف الارتباط ، مقسمة حسب مجموعة الوظائف ، الغرض من مجموعات وظائف ملفات تعريف الارتباط وملفات تعريف الارتباط الفردية ووقت تخزينها. عندما تدخل موقعنا على شبكة الإنترنت ، فإن Klaro! يتم تخزين ملف تعريف الارتباط في متصفحك ، حيث يتم تخزين الموافقات التي قدمتها أو إبطال هذه الموافقات. لا يتم إرسال هذه البيانات إلى مزود Klaro! تم الاجتياز بنجاح.

5.6.2 القانون الاساسي للمعالجة

استخدام Klaro! للحصول على الموافقات المطلوبة قانونًا لاستخدام ملفات تعريف الارتباط. الأساس القانوني لهذا هو Art. 6 sec. 1 sentence 1 lit.c GDPR.

5.6.3 مدة التخزين وإمكانية الطعن والتصرف

يتم تخزين البيانات التي تم جمعها بهذه الطريقة حتى تقوم بحذف Klaro! ملف تعريف الارتباط أو تم حذف الغرض من تخزين البيانات. تظل فترات الاستبقاء القانونية الإلزامية غير متأثرة. تفاصيل معالجة بيانات Klaro! يمكن العثور على ملف تعريف الارتباط تحت klaro.kiprotect.com.

5.6.4 معالجة الطلب

كلارو! تعمل على شبكتنا الخاصة. لن يتم نقل أي بيانات شخصية.

6. جمع البيانات والمعلومات العامة

يجمع موقعنا الإلكتروني سلسلة من البيانات والمعلومات العامة مع كل استدعاء للموقع من خلال موضوع بيانات أو نظام آلي. يتم تخزين هذه البيانات والمعلومات العامة في ملفات سجل الخادم. يمكن تسجيل أنواع المستعرضات والإصدارات المستخدمة (1) ، (2) نظام التشغيل المستخدم بواسطة نظام الوصول ، (3) موقع الويب الذي يصل منه نظام الوصول إلى موقعنا على الويب (ما يسمى بالإحالات) ، (4) - مواقع الويب ، التي يتم الوصول إليها عبر نظام الوصول على موقعنا الإلكتروني ، (5) تاريخ ووقت الوصول إلى موقع الويب ، (6) عنوان بروتوكول الإنترنت (عنوان IP) ، (7) مزود خدمة الإنترنت لنظام الوصول وغيرها من البيانات (8) البيانات الأخرى المصممة لمنع الهجمات على أنظمة تكنولوجيا المعلومات الخاصة بنا. عند استخدام هذه البيانات والمعلومات العامة ، فإننا لا نستخلص أي استنتاجات حول موضوع البيانات. بدلاً من ذلك ، هذه المعلومات مطلوبة من أجل (1) تسليم محتويات موقعنا الإلكتروني بشكل صحيح ، (2) لتحسين محتوى موقعنا الإلكتروني والإعلان عنه ، (3) لضمان التشغيل طويل المدى لأنظمة تكنولوجيا المعلومات لدينا و تقنية موقعنا الإلكتروني ، و (4) تزويد سلطات إنفاذ القانون بالمعلومات اللازمة لإنفاذ القانون في حالة وقوع هجوم إلكتروني. وبالتالي يتم تقييم هذه البيانات والمعلومات التي تم جمعها بشكل مجهول من قبلنا من ناحية إحصائية وكذلك بهدف زيادة حماية البيانات وأمن البيانات في شركتنا ، من أجل ضمان المستوى الأمثل من الحماية للبيانات الشخصية التي نعالجها. يتم تخزين البيانات المجهولة لملفات سجل الخادم بشكل منفصل عن جميع البيانات الشخصية المقدمة من صاحب البيانات.

تشفير SSL

لأسباب أمنية ولحماية نقل المحتوى السري ، مثل الطلبات التي ترسلها إلينا كمشغل للموقع ، يستخدم هذا الموقع تشفير Secure Socket Layer (SSL). يمكنك التعرف على اتصال مشفر عن طريق تغيير سطر عنوان المتصفح من & quot؛ http: // & quot؛ إلى & quot؛ https: // & quot؛ ومن خلال رمز القفل في خط المتصفح الخاص بك. إذا تم تمكين تشفير SSL ، فلا يمكن قراءة البيانات التي ترسلها إلينا من قبل أطراف ثالثة.

7. نطاق البيانات التي تم جمعها والغرض منها

7.1 موقع برايتست العام

في كل مرة يتم فيها الوصول إلى صفحة ويب أو ملف من خلال برنامج متصفح ، يتم تخزين البيانات التالية:

  • 1. الموقع أو الملف المطلوب ،
  • 2. تاريخ ووقت الطلب,
  • 3. كمية البيانات المنقولة ،
  • 4. وصف نوع متصفح الويب ونظام التشغيل المستخدم ،
  • 5. عنوان IP لجهاز الكمبيوتر الطالب.

تُستخدم هذه المعلومات لتحسين مواقع ويب برايتست وتسجيل الهجمات المحتملة على خدماتنا عبر الإنترنت. سيتم حذف البيانات المقدمة تلقائيًا أو بواسطة موظفي Brightest GmbH بعد عام واحد.

7.2 الموقع الالكتروني لبرايتست - نموذج الاتصال وطلبات الدعم والندوات عبر الإنترنت

يتضمن موقع برايتست إمكانية الاتصال بشركة Brightest GmbH بشكل عام ، أو لتقديم استفسارات مباشرة إلى فريق دعم شركة Brightest GmbH أو للتسجيل في ندوات عبر الإنترنت. يتم تخزين البيانات التالية على الأقل من الحقول المطلوبة:

  • 1. الاسم و اللقب,
  • 2. عنوان البريد الالكترونى,
  • 3. الشركة (للعروض المطلوبة فقط)
  • 4. نص مجاني (نموذج الاتصال وطلب الدعم فقط),
  • 5. رقم الهاتف (ندوات عبر الإنترنت فقط).

تستخدم شركة Brightest GmbH هذه البيانات للرد على الطلبات أو للإعلان عن مواعيد الندوات عبر الإنترنت..

7.2.1 موقع برايتست الالكتروني - نماذج الاتصال

تتوافق البيانات المخزنة في الحالات الفردية مع الحقول المحددة في النماذج وبالتالي يمكن رؤيتها مباشرة في النماذج. لن يتم تمرير البيانات إلى جهات خارجية إلا بموافقة المستخدم المعني.

7.2.2 موقع برايتست - التسجيل

أثناء التسجيل عبر الموقع ، يتم تخزين عنوان البريد الإلكتروني للمستخدم. يتم تخزين كلمة المرور التي يتم إدخالها أثناء التسجيل حصريًا في شكل مشفر ولا يمكن فك تشفيرها أيضًا بواسطة Brightest GmbH. ترغب شركة Brightest GmbH في التأكيد على أن عناوين البريد الإلكتروني لجميع المستخدمين النشطين (أي غير المحذوفين) تُستخدم لإجراء تغييرات مهمة ، على سبيل المثال فيما يتعلق بنطاق الخدمة أو في حالة التغييرات الضرورية من الناحية الفنية ، وذلك لإعلامك في بهذه الطريقة. تتم معالجة البيانات المدخلة للتسجيل كإجراء تعاقدي مسبق على أساس Art. 6 sec. 1 lit. b اللائحة العامة لحماية البيانات. ستبقى بيانات التسجيل الخاصة بك معنا طالما أنك لا تطلب حذف بياناتك.

7.3 قاعدة بيانات العملاء

تحتفظ شركة Brightest GmbH بقاعدة بيانات داخلية للعملاء يتم فيها تخزين جميع الأحداث والملاحظات المتعلقة بالعميل. وتشمل هذه:

  • 1. الزبون
  • 2. الشركة
  • 3. عنوان الشركة,
  • 4. عناوين البريد الإلكتروني لجميع المستخدمين النشطين (أي غير المحذوفين),
  • 5. أسماء جميع المستخدمين النشطين (أي غير المحذوفين),
  • 6. ملاحظات على المكالمات الهاتفية,
  • 7. معلومات الفواتير,
  • 8. معلومات إحصائية عن الاستخدام.

تُستخدم هذه البيانات لتحسين الدعم وخدمة المبيعات لعملاء شركة Brightest GmbH. بالإضافة إلى ذلك ، يتم استخدام التقييمات الإحصائية لهذه البيانات لتحسين نطاق لخدمات برايتست. لن يتم تمرير هذه البيانات إلى أطراف ثالثة. يمكن للمستخدمين طلب حذف هذه البيانات كتابة على العناوين المدرجة تحت 2).

8. سياسة الخصوصية بشأن استخدام واستخدام Google Analytics (مع وظيفة إخفاء الهوية)

يستخدم هذا الموقع وظائف خدمة تحليلات الويب Google Analytics. الموفر هو Google Ireland Limited (& ldquo ؛ Google & rdquo ؛) ، Gordon House ، Barrow Street ، Dublin 4 ، Ireland. يستخدم Google Analytics ما يسمى "ملفات تعريف الارتباط". هذه ملفات نصية يتم تخزينها على جهاز الكمبيوتر الخاص بك وتسمح بتحليل استخدامك للموقع. عادةً ما يتم إرسال المعلومات التي تم إنشاؤها بواسطة ملف تعريف الارتباط حول استخدامك لهذا الموقع إلى خادم Google في الولايات المتحدة الأمريكية وتخزينها هناك.

الأساس القانوني للمعالجة:

تخزين & ldquo ؛ Goolge Analytics Cookies & rdquo ؛ ويتم استخدام هذه الأداة على أساس موافقتك في إطار إدارة الموافقة. تتم المعالجة حصريًا على أساس Art. 6 sec. 1 lit. a . اللائحة العامة لحماية البيانات. يمكنك إلغاء أو تغيير موافقتك في أي وقت في إدارة الموافقة. يمكنك ضبط متصفحك بحيث يتم إخطارك بإعداد ملفات تعريف الارتباط والسماح بملفات تعريف الارتباط فقط على أساس كل حالة على حدة ، واستبعاد قبول ملفات تعريف الارتباط لحالات معينة أو بشكل عام ، وتمكين الحذف التلقائي لملفات تعريف الارتباط عند المتصفح مغلق. عند تعطيل ملفات تعريف الارتباط ، قد تكون وظائف هذا الموقع محدودة. تعالج Google أيضًا بياناتك الشخصية في الولايات المتحدة الأمريكية. & nbsp ؛ نود أن نشير إلى أن الولايات المتحدة تعتبرها محكمة العدل الأوروبية دولة ذات مستوى غير كافٍ من حماية البيانات وفقًا لمعايير الاتحاد الأوروبي. هناك خطر أن تتم معالجة بياناتك من قبل سلطات الولايات المتحدة الأمريكية لأغراض المراقبة والمراقبة ، ربما دون أي استئناف من جانبك. بالموافقة على استخدام Google Analytics في إدارة الموافقة ، فإنك توافق أيضًا على هذا النقل إلى الولايات المتحدة. في مثل هذه الحالة ، سيتم إجراء النقل على أساس موافقتك وفقًا للمادةArt. 49 sec. 1 lit. a . اللائحة العامة لحماية البيانات. نحن ، بصفتنا برايتست ، لا نشارك أي بيانات شخصية..

إخفاء هوية IP

لقد قمنا بتنشيط ميزة إخفاء هوية IP على هذا الموقع. سيؤدي هذا إلى اختصار عنوان IP الخاص بك من Google داخل الدول الأعضاء في الاتحاد الأوروبي أو في الدول المتعاقدة الأخرى في اتفاقية المنطقة الاقتصادية الأوروبية قبل نقلها إلى الولايات المتحدة. فقط في حالات استثنائية ، سيتم إرسال عنوان IP الكامل إلى خادم Google في الولايات المتحدة واقتطاعه هناك. نيابة عن مشغل موقع الويب هذا ، ستستخدم Google هذه المعلومات لغرض تقييم استخدامك للموقع ، وتجميع تقارير عن نشاط موقع الويب وتقديم خدمات أخرى تتعلق بنشاط موقع الويب واستخدام الإنترنت لمشغل موقع الويب. لن يتم دمج عنوان IP الذي ينقله متصفحك ضمن نطاق Google Analytics مع بيانات أخرى من Google.

البرنامج المساعد للمتصفح

يمكنك منع تخزين ملفات تعريف الارتباط في إدارة الموافقة على الصفحة الرئيسية أو عن طريق إعداد برنامج المتصفح الخاص بك وفقًا لذلك ؛ ومع ذلك ، نود أن نشير إلى أنه في هذه الحالة قد لا تتمكن من استخدام جميع وظائف هذا الموقع إلى أقصى حد. يمكنك أيضًا منع جمع البيانات التي تم إنشاؤها بواسطة ملف تعريف الارتباط والمتعلقة باستخدامك للموقع (بما في ذلك عنوان IP الخاص بك) إلى Google ومعالجة هذه البيانات بواسطة Google عن طريق تنزيل وتثبيت المكون الإضافي للمتصفح المتاح على الرابط التالي : https://support.google.com/analytics/answer/6004245?hl=de.

Storage time

User-level and event-level data stored by Google, which are linked to cookies, user identifiers (i.e. user ID) or advertising IDs (i.e. DoubleClick cookies, Android advertising ID), will be deleted after 26 months. Details can be found at the following link: https://support.google.com/analytics/answer/7667196?hl=de

9. Hotjar

Brightest uses Hotjar from Hotjar Limited (Level 2, St Julian's Business Centre, 3, Elia Zammit Street, St Julian's STJ 1000, Malta) on our website to statistically analyze visitor data. Hotjar is a service that analyzes user behavior and feedback on our website through a combination of analysis and feedback tools.

Purposes of processing

We receive reports and visual representations from Hotjar that show us where and how to “move” on our site. Personal data is automatically anonymized. As you browse our website, Hotjar automatically collects information about your user behavior. In order to collect this information, we have installed our own tracking code on our website. The following data can be collected via your computer or browser:

  • computer's IP address (collected and stored in an anonymous format),
  • Screen,
  • Browser info (which browser, version, etc.),
  • Your location (but only the country),
  • Your preferred language setting Visited web pages (subpages),
  • Date and time of access to one of our subpages (websites).

For more details on the Privacy Policy and what data Hotjar collects and how, please visit https://www.hotjar.com/legal/policies/privacy?tid=311165122. Cookies also store data that is placed on your computer (usually in your browser).

Legal basis and legitimate interests

The storage of "Hotjar cookies" and the use of this tool are carried out on the basis of your consent within the framework of consent management. The processing is carried out exclusively on the basis of Art. 6 sec. 1 sentence 1 lit. a GDPR. You can revoke or change your consent at any time in Consent Management. Please note that deleting cookies, using your browser's private mode or using another browser will result in the collection of data again.

Passing

According to its own information, Hotjar does not store any of your personal data for the analysis. The company even advertises with the slogan “We track behavior, not individuals”.

Possibility of opposition

In addition to the recruitment options in consent management, you have the option to prevent the collection of your data as follows; (1) You only go to the "Opt-out" and "Disable Hotjar" button; (2) You can also activate the "Do Not Track" button in your browser.

10. Subscription to our newsletter

On our website, we offer to subscribe to the newsletter of our company. Which personal data is transmitted to the controller when ordering the newsletter is determined by the input mask used for this purpose. We inform you at regular intervals by means of a newsletter about offers of the company. In principle, the newsletter of our company can only be received by the data subject if:

  • 1. the data subject has a valid e-mail address and
  • 2. the data subject registers for the sending of the newsletter.

For legal reasons, a confirmation e-mail will be sent to the e-mail address entered for the first time by a data subject in the sending of the newsletter using the double opt-in procedure. This confirmation e-mail is used to verify that the owner of the e-mail address, as the data subject, has authorized the receipt of the newsletter. When registering for the newsletter, we also store the IP address of the computer system used by the data subject at the time of registration by the Internet service provider (ISP) as well as the date and time of the registration. The collection of this data is necessary to understand the (possible) misuse of the e-mail address of a data subject at a later date and therefore serves the legal protection of the controller. The processing of the personal data entered in the context of the newsletter registration takes place exclusively on the basis of your consent (Art. 6 sec. 1 lit. a GDPR). The personal data collected in the context of a subscription to the newsletter will only be used for sending our newsletter. Furthermore, subscribers to the newsletter could be informed by e-mail, if this is necessary for the operation of the newsletter service or for a related registration, as could be the case in case of changes to the newsletter offer or changes in technical circumstances. The personal data collected within the framework of the newsletter service will not be passed on to third parties. The subscription to our newsletter can be cancelled by the data subject at any time. Consent to the storage of personal data that the data subject has given us for sending the newsletter can be revoked at any time. The legality of the data processing operations that have already taken place remains unaffected by the revocation. The data you have stored with us for the purpose of receiving the newsletter will be stored by us until you are sent out of the newsletter and deleted after the newsletter has been unsubscribed.

11. Mailchimp

This website uses MailChimp's services to send newsletters. The provider is Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA. The e-mail addresses of our newsletter recipients, as well as their other data described in the context of this notice, are stored on the servers of MailChimp in the USA. MailChimp uses this information to send and evaluate the newsletters on our behalf. Furthermore, according to its own information, MailChimp may use this data to optimize or improve its own services, i.e. for the technical optimization of the shipping and presentation of the newsletters or for economic purposes, in order to determine from which countries the recipients come. However, MailChimp does not use the data of our newsletter recipients to write them themselves or to pass them on to third parties. We would like to point out that the US is assessed by the European Court of Justice as a country with an inadequate level of data protection according to EU standards. There is a risk that your data may be processed by US authorities for control and monitoring purposes, possibly without any redress on your part. By registering to send the newsletter, you decide for yourself whether or not you wish to consent to such a transfer. In such a case, the transfer will be made on the basis of your consent in accordance with Art. 49 sec. 1 lit. a GDPR. The data protection guidelines of MailChimp are available via their website: https://mailchimp.com/legal/privacy

Statistical survey and analysis:

The newsletters contain a so-called "web-beacon", i.e. a pixel-sized file, which is retrieved from the MailChimp server when the newsletter is opened. As part of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and time of retrieval are collected first. This information is used to improve the technical requirements of the services on the basis of the technical data or the target groups and their reading behavior on the basis of the polling locations (which can be determined by means of the IP address) or the access times. Statistical surveys also include determining whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. However, it is neither our intention, nor that of MailChimp, to observe individual users. The evaluations serve us much more to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.

12. Plugins and tools

12.1 YouTube with enhanced privacy

This website integrates videos from YouTube. The site is operated by Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland. We use YouTube in advanced privacy mode. According to YouTube, this mode does not allow YouTube to store information about visitors to this website before they watch the video. However, the extended data protection mode does not necessarily exclude the transfer of data to YouTube partners. This way, youTube connects to the Google DoubleClick network, regardless of whether you are watching a video. As soon as you start a YouTube video on this website, a connection is made to the servers of YouTube. The YouTube server will be informed which of our pages you have visited. Whenever you are logged into your YouTube account, you allow YouTube to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account. By visiting the website, YouTube receives the information that you have accessed the corresponding subpage of our website. This is done regardless of whether YouTube provides a user account through which you are logged in or whether there is no user account. If you are logged in to Google, your data will be directly associated with your account. If you do not want to be assigned to your profile on YouTube, you must log out before activating the button. YouTube stores your data as user profiles and uses it for advertising, market research and/or needs-based design of its website. Such an evaluation is carried out in particular (even for unlogged users) for the provision of demand-oriented advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must address YouTube in order to exercise this.

Legal basis of processing

The storage of "YouTube cookies" and the use of this tool are carried out on the basis of your consent within the framework of consent management. The processing is carried out exclusively on the basis of Art. 6 sec. 1 lit. a GDPR. You can revoke or change your consent at any time in Consent Management. You can set your browser so that you are informed about the setting of cookies and allow cookies only on a case-by-case basis, exclude the acceptance of cookies for certain cases or in general, and enable the automatic deletion of cookies when the browser is closed. When disabling cookies, the functionality of this website may be limited.

Disclosure of data

It is conceivable that some of the information collected will also be processed outside the European Union by Google Inc. with its headquarters in the USA. We would like to point out that the USA is considered by the European Court of Justice to be a country with an insufficient level of data protection according to EU standards. In this respect, there is a risk that your data may be processed by US authorities for control and monitoring purposes, possibly also without any legal remedy. You decide yourself in the consent management of our website whether you want to agree to such a transfer or not. In such a case, the transfer takes place on the basis of your consent pursuant to Art. 49 sec. 1 lit. a DSGVO. We, as Brightest, do not pass on any personal data ourselves.

Possibility of opposition

Users of YouTube can influence the extent to which their user behavior may be recorded when visiting our YouTube page under the settings for advertising preferences. For more information on the purpose and scope of Data Collection and its processing by YouTube, please see the Privacy Policy. There you will also find more information about your rights and settings to protect your privacy: https://www.google.de/intl/de/policies/privacy. The processing of information using the cookie used by YouTube can be prevented by the fact that third-party cookies or those of YouTube and/or Google are not allowed in your own browser settings. We would like to point out that in this case you may not be able to use all functions of our website to the full extent. For more information on the purpose and scope of data collection and its processing by YouTube, please see the Privacy Policy. There you will also find more information about your rights and settings to protect your privacy: https://www.google.de/intl/de/policies/privacy.

12.2 Google Web Fonts

In order to display our content correctly and graphically in a browser-wide, we use "Google Web Fonts" of Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter referred to as "Google") to display fonts. We have integrated this script library locally on our web server, so that when we access our website no connection to Google is established and also no "Google cookie" is set.

Legal basis of processing

The legal basis for the integration of Google Web Fonts is our legitimate interest in a correct and graphically appealing presentation of the website according to Art. 6 para. 1 sentence 1 lit. f DSGVO. Since we have integrated the script library locally on our own web server, there is no data transfer to Google. In this respect, no explicit consent is required from you for the use of Google Web Fonts.

Disclosure of data

Due to the local integration of the script library on our web server, no data is passed on to third parties.

Storage time

We do not collect any personal data through the local integration of the script library on our server.

13. Google reCaptcha

To protect its orders via the Internet form, LSW uses the reCAPTCHA service provided by Google Inc. (Google). The query is used to distinguish whether the input is by a human being or abusively by automated, machine processing. The query includes sending the IP address and, if necessary, any other data required by Google for the reCAPTCHA service to Google. For this purpose, your input will be transmitted to Google and will continue to be used there. By using reCaptcha, you agree that the recognition you provide will feed into the digitization of old works. However, if IP anonymization is activated on this website, your IP address will be truncated by Google within Member States of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. On behalf of the operator of this website, Google will use this information to evaluate your use of this service. The IP address transmitted by your browser as part of reCaptcha will not be merged with other data from Google. This data is subject to the different privacy policy of Google. For more information about Google’s privacy policies, see: https://www.google.com/intl/de/policies/privacy/.

14. Cloudflare

On this website, we use Cloudflare from Cloudflare, Inc. (101 Townsend St., San Francisco, CA 94107, USA) to make our website faster and more secure. Cloudflare uses cookies and processes user data. Cloudflare, Inc. is an US-American company that provides a content delivery network and various security services. These services are located between the user and our hosting provider and act as a reverse proxy for websites. We will try to explain in more detail what this means.

Our sites use CloudFlare features. The provider is CloudFlare, Inc. 665 3rd St. #200, San Francisco, CA 94107, USA. CloudFlare offers a globally distributed content delivery network with DNS. A content delivery network (CDN) is a network of internet-connected servers. Cloudflare has distributed such servers around the world to bring websites to your screen faster. When you visit our website, a load-sharing system ensures that most of our website is delivered by the server that can view our website the fastest. The distance of data transfer to your browser is significantly shortened by a CDN. Thus, the content of our website is delivered to you by Cloudflare not only from our hosting server, but from servers from all over the world. The use of Cloudflare is particularly helpful for users from abroad, as the site can be delivered from a nearby server. In addition to delivering websites quickly, Cloudflare also offers various security services, such as DDoS protection or the Web Application Firewall. Cloudflare helps us to make our website faster and more secure. For security reasons, Cloudflare also uses a cookie. The cookie (__cfduid) is used to identify individual users behind a shared IP address and to apply security settings to each user. Cloudflare generally only forwards data that is controlled by website operators. The content is therefore not determined by Cloudflare, but always by the website operator itself. In addition, Cloudflare may collect certain information about the use of our website and process data sent by us or for which Cloudflare has received instructions. In most cases, Cloudflare receives data such as contact information, IP addresses, security fingerprints, DNS log data, and performance data for Web pages derived from browser activity. For example, log data helps Cloudflare detect new threats. This way, Cloudflare can provide a high level of security protection for our website.

Storage of data and legal basis of processing:

The storage of the Cloudflare cookies and the use of this tool are based on your consent in the context of consent management. The processing takes place exclusively on the basis of Art. 6 para. 1 lit. a DSGVO. You can revoke or change your consent at any time in the consent management. You can set your browser so that you are informed about the setting of cookies and allow cookies only on a case-by-case basis, exclude the acceptance of cookies for certain cases or in general, and enable the automatic deletion of cookies when the browser is closed. Disabling cookies may limit the functionality of this website. Cloudflare also processes your personal data in the United States and other third countries. We would like to point out that the USA is considered by the European Court of Justice to be a country with an inadequate level of data protection in accordance with EU standards. There is a risk that your data may be processed by US-authorities for control and monitoring purposes, possibly without any redress on your part. By agreeing to use Cloudflair in the consent management, you also consent to such a transfer to the United States. In such a case, the transfer will be made on the basis of your consent in accordance with Art. 49 sec. 1 lit. a GDPR.

Storage time

Cloudflare can transfer and access the information described above from all over the world. In general, Cloudflare stores user-level data for domains in the Free, Pro, and Business versions for less than 24 hours. For Enterprise domains that have Cloudflare Logs (formerly Enterprise LogShare or ELS) enabled, data can be stored for up to 7 days. However, if IP addresses trigger security alerts at Cloudflare, there may be exceptions to the above retention period.

Possibility of opposition

Cloudflare only keeps data logs for as long as necessary, and in most cases this data is deleted within 24 hours. Cloudflare also does not store any personal data, such as your IP address. However, there is information that Cloudflare stores indefinitely as part of its persistent logs to improve the overall performance of Cloudflare Resolver and identify any security risks. You can read which permanent logs are stored exactly on https://www.cloudflare.com/application/privacypolicy/. All data that Cloudflare collects (temporary or permanent) will be cleaned up of all personal data. Cloudflare also anonymizes all permanent protocols. The consent management of our website offers you the possibility to prevent the Cloudflare cookie and thus also the processing of data by Cloudflare. The processing of information using the cookie used by Cloudflare can be prevented by the fact that third-party cookies or those of Cloudflare are not allowed in your own browser settings.

15. Privacy Policy on the use of fan pages on Facebook, Twitter, Instagram, LinkedIn, XING and YouTube

15.1 Privacy Policy for Facebook fan page
15.1.1 Responsible parties

As the operator of this Facebook page we are (Brightest GmbH, Lehmbruckstr. 18, 10245 Berlin, Germany) together with the operator of the social network Facebook (Facebook Ireland Ltd.) responsible within the meaning of Article 4(7) of the General Data Protection Regulation (GDPR). When you visit our Facebook page, personal data is processed by the persons responsible. In the following, we inform you about the data involved, how it is processed and what rights you have in this regard. As the person responsible for this site, we have entered into agreements with Facebook, which, among other things, govern the conditions for the use of the Facebook page. The terms of use of Facebook as well as the other terms and conditions listed there in the end are decisive.

15.1.2 Purposes of processing

The processing of the information is intended, among other things, to enable Facebook to improve its system of advertising, which it distributes over its network. In addition, as the operator of the Facebook page, it should enable us to obtain statistics that Facebook compile on the basis of the visits to our Facebook page. This is intended to control the marketing of our activities. For example, it allows us to gain knowledge of the profiles of visitors who value our Facebook page or use applications of the site to provide them with more relevant content and develop features that may be of greater interest to them. To help us better understand how we can more effectively achieve our goals with our Facebook page, demographic and geographical evaluations are also created and made available to us on the basis of the information collected. We may use this information to target interest-based advertisements without directly knowing the identity of the visitor. If visitors use Facebook on several devices, the collection and evaluation can also be carried out across devices if they are registered and logged in to their own profile. The generated visitor statistics are transmitted to us exclusively in anonymized form. We do not have access to the underlying data.

15.1.3 Legal basis and legitimate interests

We operate this Facebook page to present ourselves and communicate with Facebook users and other interested persons who visit our Facebook page. The processing of the personal data of the users takes place on the basis of our legitimate interests, in an optimized corporate presentation (Art. 6 sec. 1 lit. f GDPR).

15.1.4 Disclosure of data

We have no influence on the collection of data by Facebook, nor on the data processing processes that exist at Facebook. Nor do we know the extent of the data collection, nor the purposes of the processing or the storage periods stored. It cannot therefore be ruled out that the data will be forwarded to anonymized statistics. If you visit our Facebook page, it is conceivable that some of the information collected will also be processed outside the European Union by Facebook Inc., based in the United States of America. We would like to point out that the USA is assessed by the European Court of Justice as a country with an inadequate level of data protection according to EU standards. There is a risk that your data may be processed by USA authorities for control and monitoring purposes, possibly without any redress on your part. You decide in the consent management of the Facebook page whether you want to consent to such a transfer or not. In such a case, the transfer will be carried out on the basis of your consent in accordance with Art. 6 sec. 1 lit. a GDPR. We, as Brightest, do not share any personal data.

15.1.5 Possibility of opposition

Users of Facebook can influence under the settings for advertising preferences to which extent their user behavior may be recorded when visiting our Facebook fan page. Other options are provided by Facebook under settings or their objection form. Processing of information using the cookie used by Facebook can be prevented by the fact that third-party cookies or cookies from Facebook are not allowed in their own browser settings.

15.1.6 Nature of Shared Responsibility

It is essentially clear from the agreements with Facebook also on joint responsibility that requests for information and the assertion of other data subjects' rights are sensibly asserted directly from Facebook. As a provider of the social network and the possibility of integrating Facebook pages there, Facebook alone has the direct access to the required information and can also take any necessary measures and provide information immediately. Should our support be required, we can be contacted at any time.

15.1.7 Information on contact details and other rights as data subject

Further information about our contact details, this privacy policy also covers the rights of affected persons vis-à-vis us and how personal data is processed by us. Information about Facebook’s handling of personal data can be found in its privacy policy.

15.2 Privacy Policy for Twitter fan page
15.2.1 Responsible parties

As the operator of this Twitter page, we (Brightest GmbH, Lehmbruckstr. 18, 10245 Berlin, Germany) together with the operator of the social network Twitter (Twitter International Company One, Cumberland Place, Fenian Street, Dublin 2D02 AX07, Ireland) are responsible within the meaning of Article 4 no. 7 of the General Data Protection Regulation (GDPR). When you visit our Twitter page, personal data is processed by the responsible persons. In the following section, we inform you about the data involved, how it is processed and about your rights in this regard. As the controller of this site, we have entered into agreements with Twitter, which, among other things, govern the conditions for using the Twitter site. The terms of use of Twitter under https://twitter.com/de/tos as well as any other relevant policies.

15.2.2 Purposes of processing

The processing of this information is intended, among other things, to enable Twitter to improve its system of advertising, which it distributes over its network. Secondly, it is intended to enable us, as the operator of the Twitter page, to obtain statistics that Twitter compiles on the basis of visits to our Twitter page. This is intended to control the marketing of our activities. For example, it allows us to gain knowledge of the profiles of visitors who value our Twitter page or use applications of the site to provide them with more relevant content and develop features that may be of greater interest to them. To better understand our Twitter page can better achieve our goals, demographic and geographical evaluations are also created and made available to us on the basis of the information collected. We may use this information to target interest-based advertisements without directly knowing the identity of the visitor. If visitors use Twitter on several devices, the collecting and analysis can also be carried out across devices if they are registered and logged in to their own profile. The generated visitor statistics are transmitted to us exclusively in anonymized form.
We, as Brightest, do not have access to the underlying data.

15.2.3 Legal basis and legitimate interests

We operate this Twitter page to present ourselves to communicate with Twitter users and other interested persons who visit our Twitter page. The processing of the users’ personal data takes place on the basis of our legitimate interests, in an optimized corporate presentation (Art. 6 sec. 1 lit. f GDPR).

15.2.4 Disclosure of data

We have no influence on the collection of data by Twitter, nor on the data processing processes that exist at Twitter. Nor do we know the extent of the data collection, nor the purposes of the processing or the storage periods stored. It cannot therefore be ruled out that the data will be forwarded to anonymized statistics. If you visit our Twitter page, it is conceivable that some of the information collected will also be processed outside the European Union by Twitter Inc., based in the United States of America. We would like to point out that the USA is assessed by the European Court of Justice as a country with an inadequate level of data protection according to EU standards. There is a risk that your data may be processed by US authorities for control and monitoring purposes, possibly without any redress on your part. You decide in the consent management of the Twitter page whether you want to agree to such a broadcast or not. In such a case, the transfer will be carried out on the basis of your consent in accordance with Art. 6 sec. 1 lit. a GDPR. We, as Brightest, do not share any personal data.

15.2.5 Possibility of opposition

Twitter users can influence the extent to which their user behavior may be recorded when visiting our Twitter page under the settings for advertising preferences. Twitter offers further features in the settings in the Twitter account or under https://twitter.com/de/privacy. The processing of information by means of the cookies used by Twitter can be prevented by not allowing third-party cookies from Twitter in their own browser settings.

15.2.6 Nature of Shared Responsibility

It is essentially clear from the agreements with Twitter also on joint responsibility that requests for information and the assertion of other affected persons rights are sensibly asserted directly on Twitter. As a provider of the social network and for the possibility to integrate Twitter pages into it, Twitter alone has the direct access to the required information and can also take any necessary measures and provide information immediately. Should our support be required, we can be contacted at any time.

15.2.7 Information on contact details and other rights as a data subject

Further information about our contact details, the rights of data subjects towards us and how otherwise personal data is processed by us can be found in this privacy policy. Information about Twitter's handling of personal data on Twitter can be found in its privacy policy at: https://twitter.com/de/privacy

15.3 Privacy Policy for Instagram
15.3.1 Responsible parties

As the operator of this Instagram page, we (Brightest GmbH, Lehmbruckstr. 18, 10245 Berlin, Germany) together with the operator of the social network Instagram (Facebook Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland) are responsible within the meaning of Article 4 no. 7 of the General Data Protection Regulation (GDPR). When you visit our Instagram page, personal data is processed by the persons responsible. In the following section, we inform you about the data involved, how it is processed and about your rights in this regard. As the persons responsible for this site, we have entered into agreements with Facebook, which, among other things, govern the conditions for using the Instagram page. The terms of use of Instagram are applicable under https://help.instagram.com/581066165581870 as well as the other conditions and policies listed therein at the end.

15.3.2 Purposes of processing

The processing of the information is intended, among other things, to enable Facebook to improve its system of advertising, which it distributes over its network. Secondly, as the operator of the Instagram page, it should allow us to obtain statistics that Facebook creates on the basis of the visits to our Instagram page. This is intended to control the marketing of our activities. For example, it allows us to gain knowledge of the profiles of visitors who value our Instagram page or use applications of the site to provide them with more relevant content and develop features that might be of greater interest to them. In order to better understand how we can better effiectively our goals with our Instagram page, demographic and geographical evaluations are also created and made available to us on the basis of the information collected. We may use this information to target interest-based advertisements without directly knowing the identity of the visitor. If visitors use Facebook on several devices, the collection and evaluation can also be carried out across devices if they are registered and logged in to their own profile. The generated visitor statistics are transmitted to us exclusively in anonymised form. We do not have access to the underlying data.

15.3.3 Legal basis and legitimate interests

We operate this Instagram page to present ourselves to and communicate with Instagram users and other interested people who visit our Instagram page. The processing of the users’ personal data takes place on the basis of our legitimate interests, in an optimized corporate presentation (Art. 6 sec. 1 lit. f GDPR).

15.3.4 Disclosure of data

We have no influence on the collection of data by Instagram, nor on the data processing processes that exist at Facebook. Nor do we know the extent of the data collection, nor the purposes of the processing or the storage periods stored. It cannot therefore be ruled out that the data will be forwarded to anonymized statistics. If you visit our Instagram page, it is conceivable that some of the information collected will also be processed outside the European Union by Facebook Inc., based in the United States. We would like to point out that the US is assessed by the European Court of Justice as a country with an inadequate level of data protection according to EU standards. There is a risk that your data may be processed by US authorities for control and monitoring purposes, possibly without any redress on your part. You decide in the Consent management of the Instagram page whether you want to agree to such a transfer or not. In such a case, the transfer will be made on the basis of your consent in accordance with Art. 49 sec. 1 lit. a GDPR. We, as Brightest, do not share any personal data.

15.3.5 Possibility of opposition

Instagram users can influence the extent to which their user behavior may be recorded when they visit our Instagram page under the settings for advertising preferences. Other options include Facebook and Instagram settings at:
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Fads%2Fpreferences%2F%3Fentry_product%3Dad_settings_screen
https://www.instagram.com/accounts/login/?next=/accounts/privacy_and_security/
or the form on the right of objection at:
https://www.facebook.com/help/contact/1994830130782319.
The processing of information by means of the cookie used by Facebook can be prevented by not allowing third-party cookies or cookies from Facebook in their own browser settings.

15.3.6 Nature of Shared Responsibility

It is essentially clear from the agreements with Facebook also on joint responsibility that requests for information and the assertion of other data subjects' rights are sensibly asserted directly from Facebook. As a provider of the social network and the possibility of integrating Facebook pages there, Facebook alone has the direct access to the required information and can also take immediately any necessary measures and provide information. However, if our support is required, we can be contacted at any time.

15.3.7 Information on contact options and other rights as a data subject

Further information about our contact details, the rights of data subjects towards us and how otherwise personal data is processed by us can be found in this privacy policy. Information about Facebook's handling of personal data on Instagram can be found in its privacy policy at https://help.instagram.com/519522125107875

15.4 LinkedIn Privacy Policy
15.4.1 Responsible parties

As the operator of this LinkedIn page, we (Brightest GmbH, Lehmbruckstr. 18, 10245 Berlin, Germany) together with the operator of the social network LinkedIn (LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland) are responsible within the meaning of Article 4 no. 7 of the General Data Protection Regulation (GDPR). When you visit our LinkedIn page, personal data is processed by the controller. In the following section, we inform you about the data involved, how it is processed and about your rights in this regard. As the controller of this site, we have entered into agreements with LinkedIn, which, among other things, govern the conditions for using the LinkedIn site. LinkedIn's terms of use are based on: https://www.linkedin.com/legal/user-agreement?src=or-search&veh=www.google.com%7Cgo-pa&trk=sem_lms_gaw

15.4.2 Purposes of processing

One of the aims of processing of this information is to enable LinkedIn to improve its system of advertising, which it distributes over its network. Secondly, as the operator of the LinkedIn page, it is intended to enable us to obtain statistics that LinkedIn creates on the basis of visitors to our LinkedIn page. This is intended to control the marketing of our activities. For example, this allows us to gain knowledge of the profiles of visitors who value our LinkedIn page or use applications on the site to provide you with relevant content and develop features that might be of the greatest interest to you. In order to better understand how we can better achieve our goals with our LinkedIn page, demographic and geographical evaluations are also created and made available to us on the basis of the information collected. This information can be used to target interest-based advertisements without immediately knowing the identity of the visitors. If visitors use LinkedIn on multiple devices, the collection and analysis can also be carried out across devices if they are registered and logged in to their own profile. The visitor statistics produced are transmitted to us exclusively in anonymized form. We do not have access to the underlying data.

15.4.3 Legal basis and legitimate interests

We operate this LinkedIn page to present ourselves and communicate with LinkedIn users and other interested people who visit our LinkedIn site. The processing of the users’ personal data takes place on the basis of our legitimate interests, in an optimized corporate presentation (Art. 6 sec. 1 lit. f GDPR).

15.4.4 Disclosure of Data

We have no influence on the collection of data by LinkedIn, nor on the data processing processes that exist at LinkedIn. Nor do we know the extent of the data collection, nor the purposes of the processing or the storage periods stored. It cannot therefore be ruled out that the data can be forwarded to anonymized statistics. When you visit our LinkedIn page, it is conceivable that some of the information collected will also be processed outside the European Union by LinkedIn Corporation, based in the United States of America. We would like to point out that the US is assessed by the European Court of Justice as a country with an inadequate level of data protection according to EU standards. There is a risk that your data may be processed by US authorities for control and monitoring purposes, possibly without redress. You decide in the consent management of the Instagram page whether you want to agree to such a transfer or not. In such a case, the transfer will be carried out on the basis of your consent in accordance with Art. 6 sec. 1 lit. a GDPR.
We, as Brightest, do not share any personal data.

15.4.5 Possibility of opposition

LinkedIn users can influence the extent to which their user behavior may be recorded when they visit our LinkedIn page under the settings for advertising preferences. LinkedIn offers further possibilities in the settings in the LinkedIn account. The processing of information using the cookies used by LinkedIn can be prevented by not allowing third-party cookies or cookies from LinkedIn in their own browser settings.

15.4.6 Nature of Shared Responsibility

It is essentially clear from the agreements with LinkedIn also on joint responsibility that requests for information and the assertion of other data subjects' rights are sensibly asserted directly with LinkedIn. As a provider of the social network and the possibility to integrate LinkedIn pages there, LinkedIn alone has the direct access to the required information and can also take immediately any necessary measures and provide information. However, if our support is required, we can be contacted at any time.

15.4.7 Information on contact options and other rights as a data subject

Further information about our contact details, the rights of data subjects towards us and how otherwise personal data is processed by us can be found in this privacy policy. Information about LinkedIn’s handling of personal data on LinkedIn can be found in their privacy policy (https://www.linkedin.com/legal/privacy-policy?_l=de_DE).

15.5 Privacy Policy for XING
15.5.1 Responsible parties

As the operator of this XING page, we (Brightest GmbH, Lehmbruckstr. 18, 10245 Berlin, Germany) together with the operator of the social network XING (XING SE, Dammtorstraße 30, 20354 Hamburg, Germany) are responsible within the meaning of Article 4 no. 7 of the General Data Protection Regulation (GDPR). When you visit our XING page, personal data is processed by the controller. In the following section, we inform you about the data involved, how it is processed and which rights you have in this regard. We, as the responsible party for this site with XING, operate them on the basis of the terms and conditions for the use of the XING site. The general terms and conditions of XING are applicable under https://www.xing.com/terms as well as the conditions and guidelines listed therein.

15.5.2 Purpose of processing

We collect personal data when you contact us, for example, via the contact form or messenger. You can see which data we collect when you contact us using the contact form. This data will be stored and used exclusively for the purpose of answering your request or for contacting you and the associated technical administration. Your data will be deleted after the final processing of your request, provided that no legal retention obligations conflict. We assume that processing is complete when the circumstances indicate that the matter in question has been conclusively clarified. When you visit our XING page, XING collects, among others, your IP address and other information that is available in the form of cookies on your PC. This information is used to provide us, as the operator of the XING pages, with statistical information about the use of the XING site. XING provides more detailed information on this matter at the following link: https://privacy.xing.com/en/privacy-policy.

15.5.3 Legal basis and legitimate interests

We operate this XING page to present ourselves and communicate with XING users and other interested persons who visit our XING site. The processing of the users’ personal data takes place on the basis of our legitimate interests, in an optimized corporate presentation (Art. 6 sec. 1 lit. f GDPR). If you also provide data records in XING, this the legal basis is your consent in accordance with Art. 6 sec. 1 sentence 1 lit. a GDPR.

15.5.4 Disclosure of data

We, as Brightest, do not share any information we have received from you about XING with third parties. With regard to the transfer of data by XING, we refer to the link to The XING Privacy Policy cited in Section 13.5.7.

15.5.5 Possibility of opposition

The processing of information using the cookie used by XING can be prevented in the cookie policy and by the fact that third-party cookies or those of XING are not allowed in their own browser settings.

15.5.6 Nature of Shared Responsibility

It is essentially clear from the agreements with XING also on joint responsibility that requests for information and the assertion of other data subjects' rights are sensibly asserted directly from XING. As a provider of the social network and the possibility of integrating XING pages there, XING alone has the direct access to the required information and can also take any necessary measures and provide information immediately. However, if our support is required, we can be contacted at any time.

15.5.7 Information on contact options and other rights as a data alike

We will delete your data that you have provided to us via XING as soon as the purpose of the processing is fulfilled and there are no further legal retention obligations. Since contacting us via XING can be based on various reasons and purposes, the storage time is also directly related to it. Information on XING's handling of personal data can be found in its privacy policy under https://privacy.xing.com/de/datenschutzerklaerung
You can contact XING's data protection officer using the contact form provided by XING at https://privacy.xing.com/de/ihre-ansprechpartner.

15.6 Privacy Policy for YouTube
15.6.1 Responsible persons

As the operator of this YouTube page, we (Brightest GmbH, 18, 10245 Berlin, Germany) together with the operator of the You-Tube website (YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA a subsidiary of Google inc. 160 Amphitheatre parkway, Mountain View, CA 94043, USA) are responsible within the meaning of Article 4 no. 7 of the General Data Protection Regulation (GDPR). When you visit our YouTube page, personal data is processed by the responsible persons. in the following section, we inform you about the data involved, how it is processed and which rights you have in this regard. All data protection settings on YouTube must be made in the Google Account. As the controller of this site, we have entered into agreements with Google, which, among others, govern the conditions for the use of the Google services (here: YouTube). The terms of use of Google and the other terms and policies listed there in the end are decisive.

15.6.2 Purposes of processing

The processing of the information is intended, among other things, to enable YouTube to improve its system of advertising, which it distributes over its network. Secondly, as the operator of the YouTube site, it should enable us to obtain statistics that YouTube creates based on the visitors to our YouTube site. This is intended to control the marketing of our activities. For example, this allows us to gain knowledge of the profiles of visitors who value our YouTube videos or use the Site’s applications to provide you with relevant content and develop features that might be of the greatest interest to you. In order to better understand how we can better achieve our goals with our YouTube page, demographic and geographical evaluations are also created and made available to us on the basis of the information collected. We may use this information to target interest-based advertisements without directly knowing the identity of the visitor. If visitors use YouTube on several devices, the recording and evaluation can also be carried out across devices if they are registered and logged in to their own profile. The visitor statistics produced are transmitted to us exclusively in anonymized form. We do not have access to the underlying data.

15.6.3 Legal basis and legitimate interests

We operate this YouTube page to present ourselves to and communicate with YouTube users and other interested people who visit our YouTube site. The processing of the personal data of the users takes place on the basis of our legitimate interests, in an optimized corporate presentation (Art. 6 sec. 1 lit. f GDPR).

15.6.4 Disclosure of data

We have no influence on the collection of data by Google, nor on the data processing processes that exist at Google. Nor do we know the extent of the data collection, nor the purposes of the processing or the storage periods stored. It cannot therefore be ruled out that the data will be forwarded to anonymized statistics. It is conceivable that some of the information collected will also be processed outside the European Union by YouTube LLC, based in the United States. Google is certified under the US-EU Privacy Shield and is committed to complying with European data protection requirements for its services (here: YouTube). We, as Brightest, do not share any personal data.

15.6.5 Possibility of opposition

Users of YouTube can influence the extent to which their user behavior may be recorded when they visit our YouTube page under the settings of your Google Account. See also: https://policies.google.com/privacy?hl=de#infochoices The processing of information using the cookies used by YouTube or Google can be prevented by not allowing cookies from third-party providers or those from Google and YouTube in their own browser settings.

15.6.6 The nature of shared responsibility

It is essentially clear from the agreements with YouTube and Google also on joint responsibility that requests for information and the assertion of other data subjects' rights are sensibly asserted directly from YouTube or Google. As a provider of the social network and the possibility of integrating YouTube pages there, YouTube alone has the direct access to the required information and can also take any necessary measures and provide information immediately. However, if our support is required, we can be contacted at any time.

15.6.7 Information on contact options and other rights as a data subject

Further information about our contact details, the rights of data subjects towards us and how otherwise personal data is processed by us can be found in this privacy policy. Information on how YouTube handles personal data on Google can be found in their privacy policy (https://policies.google.com/privacy?hl=de).
Google also processes your personal data in the US and has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

16. Data protection for applications and in the application process

We offer you the opportunity to apply to us (e.g. by e-mail). In the following section, we inform you about the scope, purpose and use of your personal data collected during the application process. We assure you that the collection, processing and use of your data is carried out in accordance with the applicable data protection law and all other legal provisions and that your data will be treated strictly confidentially.

Scope and purpose of data collection

When you send us an application, we process your personal data (e.g. contact and communication data, application documents, notes in the course of interviews, etc.) insofar as this is necessary for the decision on the establishment of an employment relationship. The legal basis for this is Section 26 OF the German Data Protection Act (initiation of an employment relationship), Art. 6 sec. 1 lit. b GDPR (general initiation of contracts) and, if you have given your consent, Art. 6 sec. 1 lit. a GDPR. The consent can be revoked at any time. Your personal data will only be passed on within our company to persons involved in the processing of your application. If the application is successful, the data you have submitted will be stored in our data processing systems on the basis of Section 26 of the German Data Protection Act (BDSG) and Art. 6 (1) lit. b GDPR for the purpose of carrying out the employment relationship.

Retention period of the data

In the case that we do not offer you a job you have applied to, reject your job offer or you withdraw your application, we reserve the right to keep the data you provide on the basis of our legitimate interests (Art. 6 sec. 1 lit. f GDPR) for up to 6 months from the end of the application process (rejection or withdrawal of the application). The data will then be deleted, and the physical application documents destroyed. The retention is used, in particular, for verification purposes in the event of a dispute. If it is apparent that the data will be necessary after the expiry of the 6-month period (e.g. due to an impending or pending litigation), deletion will only take place if the purpose for further storage is no longer necessary. A longer retention can also take place if you have given appropriate consent (Art. 6 sec. 1 lit. a GDPR) or if legal retention obligations prevent deletion.

17. Deletion and blocking of personal data

The controller processes and stores the data subject's personal data only for the period necessary to achieve the purpose of storage or if this has been provided for in the laws or regulations to which the controller is subject. If the storage purpose is waived or a storage period prescribed by another competent legislator expires, the personal data will be blocked or deleted in accordance with the statutory provisions.

18. Legal basis for processing

Unless otherwise stated:
Art. 6 sec. 1 sentence 1 lit. a GDPR serves as a legal basis for our company for processing operations in which we obtain consent for a specific processing purpose. Where the processing of personal data is necessary for the performance of a contract to which the data subject is a party, as is the case, for example, in the case of processing operations necessary for the supply of goods or the provision of any other service or consideration, the processing shall be based on The First sentence of Article 6 (1) (GDPR),.b the GDPR. The same applies to such processing operations that are necessary for the implementation of pre-contractual measures, for example in cases of enquiries about our products or services. If our company is subject to a legal obligation which requires the processing of personal data, such as the fulfilment of tax obligations, the processing shall be based on Article 6 paragraph 1 sentence 1 lit. c GDPR. In rare cases, the processing of personal data may be necessary to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor to our company were to be injured and his name, age, health insurance data or other vital information had to be passed on to a doctor, hospital or other third parties. The processing would then be based on the first sentence of Article 6 (1) of the GDPR. Ultimately, processing operations could be based on the first word of GDPR in Article 6 (1). This legal basis is based on processing operations which are not covered by any of the aforementioned legal bases where the processing is necessary to safeguard a legitimate interest of our company or a third party, provided that the interests, fundamental rights and freedoms of the data subject do not prevail. We are allowed to do this kind of processing, in particular because they have been specifically mentioned by the European legislator. In that regard, it took the view that a legitimate interest could be presumed if the data subject is a customer of the controller (recital 47 sentence 2 GDPR).

19. Legitimate interests in the processing pursued by the controller or a third party

Based on Article 6 paragraph 1 sentence 1 lit. f GDPR, our legitimate interest is to carry out our business for the benefit of the well-being of all our employees and our shareholders.

20. Duration for which the personal data is stored

The criterion for the duration of the storage of personal data is the respective legal retention period. After the expiry of the period, the relevant data will be routinely deleted, provided that they are no longer necessary for the performance of the contract or initiation of the contract.

21. Legal or contractual provisions for the provision of personal data; necessity for the conclusion of the contract; obligation of the data subject to provide the personal data; possible consequences of non-deployment

We inform you that the provision of personal data is partly required by law (i.e. tax regulations) or may also result from contractual regulations (i.e. information about the contractual partner). In some ways, it may be necessary for a data subject to provide us with personal data, which must subsequently be processed by us. For example, the data subject is obliged to provide us with personal data if our company concludes a contract with him or her. Failure to provide the personal data would mean that the contract with the data subject could not be concluded. Before providing personal data by the data subject, the data subject must contact one of our employees. Our employee clarifies on a case-by-case basis whether the provision of the personal data is required by law or contract or is required for the conclusion of the contract, whether there is an obligation to provide the personal data and what consequences the non-provision of the personal data would have.

22. Rights of the data subject

 

  • a) Right to information

    You can at any time exercise your right of access to us under Article 15 GDPR as to whether personal data concerning you are processed by us.

  • b) Right to correction

    You can exercise your right of rectification under Article 16 GDPR to us at any time and request the correction of inaccurate personal data concerning yourself.

  • c) Right to restrict processing

    You may at any time exercise your right to restrict the processing in accordance with Article 18 GDPR and request the restriction of the processing, provided that the legal requirements for doing so are met.

  • d) Right to erasure

    You can exercise your right of deletion under Article 17 GDPR to us at any time and request that personal data concerning you be deleted immediately if such data are no longer required for the purposes for which they were collected or otherwise processed. This right of deletion may be precluded by other legal obligations (e.g. retention obligations).

  • e) Right to be informed

    You can assert your right to information under Article 19 GDPR against us at any time. If you have asserted a right to delete, rectify or restrict the processing of personal data concerning you, we are obliged to notify all recipients to whom the personal data concerning you have been disclosed, the rectification or deletion of the data or the restriction of the processing, unless this proves impossible or this only involves a disproportionate effort. You have the right to be informed of these recipients.

  • f) Right to data portability

    You can exercise the right to data portability in accordance with Art. 20 GDPR at any time. You have the right to receive your personal data that you have provided to us in a structured, commonly-used and machine-readable format or to request that it be transfered to another controller if this is technically feasible.

  • g) Right to object

    You have the right, for reasons arising from your particular situation, to object at any time to the processing of personal data concerning you, which takes place pursuant to Article 6(1) (e) or (f) GDPR. We will no longer process these personal data in the event of an objection, unless we can prove compelling legitimate grounds for their processing that outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims. If we process personal data for direct marketing purposes, the data subject has the right to object at any time to the processing of personal data for the purpose of such advertising. If the data subject objects to us from the processing for direct marketing purposes, we will no longer process the personal data for these purposes. To exercise the right of appeal, the person involved can contact us directly. They are also free to exercise his or her right of opposition by means of automated procedures.

  • h) Right to revoke a data protection consent

    You have the right to revoke your consent to the processing of personal data at any time. The revocation of your consent does not affect the lawfulness of the processing of your personal data that has taken place on the basis of your consent until its revocation.

  • i) Right to complain to a supervisory authority

    Without prejudice to any other administrative or judicial remedy, you shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your place of residence, place of work or place of the alleged infringement, if you consider that the processing of personal data concerning you is in breach of the GDPR.

 

1) This data protection declaration was prepared in the marked points by the Data Protection Declaration Generator, which is operated and made available in cooperation between DGD Deutsche Gesellschaft für Datenschutz GmbH, Dachau (available at: https://dsgvo-muster-datenschutzerklaerung.dg-datenschutz.de) and the lawfirm Wilde/Beuger/Solmecke Rechtsanwälte GbR, Cologne (available at: https://www.wbs-law.de/it-recht/datenschutzrecht/datenschutzerklaerung-generator/). These texts are subject to the copyright of DGD Deutsche Gesellschaft für Datenschutz GmbH, Dachau and the law firm Wilde/Beuger/Solmecke Rechtsanwälte GbR,Köln.