Privacy
Information for Website Users
§ 1 Information on the Collection of Personal Data
(1) In the following, we inform you about the collection of personal data when using our website. According to Art. 4 No. 1 of the General Data Protection Regulation (GDPR), personal data refers to any data that can be related to you personally, e.g., name, address, email addresses, or user behavior.
(2) The controller according to Art. 4 No. 7 GDPR is the company
Nect GmbH
Großer Burstah 21
20457 Hamburg
(3) You can reach our Data Protection Officer Dr. Volkan Güngör at the address mentioned above.
(4) For all questions and concerns regarding your data, please contact privacy@darkgreen-armadillo-251331.hostingersite.com. Alternatively, we recommend using encrypted communication channels; please refer to § 3 (1) for details.
Should you wish to communicate directly with our Data Protection Officer (for example, if you have a particularly sensitive concern), please contact them by postal mail, as email communication can always have security vulnerabilities.
§ 2 Collection of Personal Data when Visiting our Website
(1) When merely using the website for informational purposes, i.e., if you do not register or otherwise transmit information to us, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which are technically necessary for us to display our website to you and to ensure its stability and security:
- IP address
- Date and time of the request
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (specific page)
- Access status/HTTP status code
- Amount of data transferred in each case
- Website from which the request originates
- Browser
- Operating system and its interface
- Language and version of the browser software.
(2) We process these aforementioned personal data for the technical provision and stability of our website on the following legal bases:
for the technical provision of our website in accordance with § 25 (2) No. 2 TDDDG (necessary storage for the provision of a telemedia service), as the processing of the aforementioned data is absolutely necessary to enable you to use our website as expressly requested, or
to protect our legitimate interests pursuant to Art. 6 (1) lit. f) GDPR, in order to be able to provide you with the website technically and securely.
(3) Should you visit our website for information about our products and services, please refer to the privacy policy of Nect Wallet for further details.
(4) This data is stored for 90 days and then automatically deleted.
§ 3 Contact Form
(1) For inquiries, we offer you the possibility to contact us via forms provided on the website. In the area of our identification solutions, you can use this contact form: Nect | Support. For exercising your data subject rights under the GDPR, we provide you with this contact form: https://darkgreen-armadillo-251331.hostingersite.com/de/privacy-concern/. Specifically, providing a valid email address or name is required so that we know who the inquiry is from and can respond to it. Further information can be provided voluntarily.
(2) Data processing is carried out for the purpose of communicating with you, responding to your inquiry, or for the targeted processing of a submitted request pursuant to Art. 15 to 22 GDPR. If the contact aims at the conclusion or performance of a contract or the implementation of pre-contractual measures, the legal basis is Art. 6 (1) S. 1 lit. b) GDPR. For personal data provided for the exercise of your data subject rights, the legal basis arises from Art. 6 (1) lit. c) GDPR, as we, as the controller within the meaning of Art. 4 No. 7 GDPR, are legally obliged to respond to your inquiry. Otherwise, we process your data based on our legitimate interest in contacting inquiring persons quickly and easily or ensuring a service-oriented response to your inquiries. The legal basis for this is then Art. 6 (1) lit. f) GDPR.
(3) If you enter your data into the contact form “Sales Inquiry” (Nect | Get in touch), your entered data will only be transmitted if you agree to our privacy policy by explicitly checking the box labeled “I have read and understood Nect’s privacy policy” in the form and submit the form by clicking the “Send” button. By agreeing to our privacy policy, you consent to your data being transmitted to server locations of Salesforce.com Germany GmbH, Erika-Mann-Str. 31, 80636 Munich in Europe (Frankfurt am Main, Germany as the main server location and Paris, France for backup) (hereinafter “Salesforce”).
We use Salesforce for managing customer data for sales inquiries. The provider is Salesforce Germany GmbH; the headquarters of Salesforce.com Inc. is at 415 Mission St., 3rd Floor, San Francisco, CA 94105. The web-based contact form “Sales Inquiry,” which is integrated into our website, is linked to Salesforce.
We have concluded a data processing agreement with Salesforce in accordance with Art. 28 GDPR. Salesforce processes personal data exclusively according to our instructions and in compliance with the data protection requirements of the GDPR. To protect data transfers to so-called third countries outside the EU or EEA, Salesforce relies on Binding Corporate Rules (BCR) approved by the French data protection authority (CNIL). These binding internal corporate data protection regulations ensure an adequate level of data protection for intra-group data transfers. Furthermore, Salesforce is certified under the EU-US Data Privacy Framework and is thus approved for data transfers to the USA in accordance with Art. 45 GDPR. The current certification can be viewed on the website of the US Department of Commerce: https://www.dataprivacyframework.gov/. Salesforce also complies with recognized security standards and is certified, among others, according to ISO/IEC 27001, SOC 2, and PCI-DSS. Access to data is strictly regulated and only takes place within the legally permissible framework.
Further information on data protection in connection with Salesforce can be found in Salesforce’s privacy policy: https://www.salesforce.com/de/company/privacy/.
The legal basis for using Salesforce is Art. 6 (1) lit. f) GDPR, based on our legitimate interest in optimizing our sales activities and processing customer inquiries.
(4) The personal data collected by us for the use of the contact forms will be deleted immediately and to the full extent legally required after your inquiry has been processed or after the termination of our contractual or business relationship.
Furthermore, unless there are statutory retention obligations, particularly arising from commercial or tax law provisions (typically two to 10 years), we also delete your personal data for the preservation of evidence in accordance with civil law limitation periods pursuant to §§ 195 et seq. BGB regularly after three years and in exceptional cases after 30 years.
§ 4 Cookies, Plug-ins, Web Tracking
(1) General Information on Cookies
Our website uses cookies. These are small text files that are stored on your device and contain certain information. Cookies can be technically necessary or optional. If consent is required for the use of cookies, we obtain it via our consent management tool “Borlabs Cookie.”
Legal bases:
For cookies requiring consent: Art. 6 (1) lit. a) GDPR in conjunction with § 25 (1) TDDDG
For technically necessary cookies: Art. 6 (1) lit. f) GDPR or § 25 (2) No. 2 TDDDG
(2) Technically Necessary Cookies
These cookies are necessary to provide the basic functions of our website (e.g., page navigation, language settings). Without these cookies, the website cannot function correctly. You can deactivate these cookies via your browser settings, which may, however, lead to functional limitations.
(3) Cookies and Tracking Technologies Requiring Consent
With your explicit consent pursuant to Art. 6 (1) lit. a) GDPR and § 25 (1) TDDDG, we use certain services and technologies on our website that store or access information on your device. These serve to analyze website usage, optimize our advertising, and increase security. Processing only takes place after active consent via our cookie banner. You can revoke your consent at any time with effect for the future.
Services used in detail:
Google reCAPTCHA: To protect against automated access (bots). This may involve the transfer of personal data to the USA.
Data processing only takes place after your explicit consent via the cookie banner. You can revoke your consent at any time with effect for the future [see § 5 (3) of this privacy policy].
Google Analytics (with IP anonymization): For analyzing user behavior and improving our offering [see § 5 (4) of this privacy policy].
Google Ads (Conversion Tracking): Within the scope of Google Ads, we use so-called enhanced conversion tracking. Enhanced conversions are a feature that supplements existing conversion tags. This allows conversion data collected on the website itself to be sent to Google in encrypted form [see § 5 (5) of this privacy policy].
Google Tag Manager
Our website uses Google Tag Manager as a technical platform that centrally bundles and manages various web services such as tracking and analysis tools (e.g., Google Analytics). Specific conditions can be assigned to these services via a uniform user interface [see § 5 (8) of this privacy policy].
LinkedIn Insight Tag: For analyzing LinkedIn campaigns and audience building [see § 5 (9) of this privacy policy].
Meta Pixel (Facebook/Instagram): For analyzing and optimizing our Facebook/Instagram advertising [see § 5 (10) of this privacy policy].
Further information on cookies and tracking technologies requiring consent can be found under § 5 of this privacy policy.
(4) Social Networks
Our website contains links to social networks (e.g., Facebook, LinkedIn). These are merely redirects. A connection to the respective network is only established when you click on such a link. Further information can be found under § 6 (2) of this privacy policy.
Tool
Provider
Purpose
Legal Basis
Storage Duration
Data Transfer
Google Analytics
Google LLC
Analysis of user behavior, improvement of offering
Consent (Art. 6 (1) lit. a) GDPR)
14 months
USA
Google Ads
Google LLC
Success measurement of advertising campaigns
Consent (Art. 6 (1) lit. a) GDPR)
90 days
USA
Meta Pixel
Meta Platforms, Inc.
Analysis and optimization of Facebook/Instagram advertising
Consent (Art. 6 (1) lit. a) GDPR)
180 days
USA
LinkedIn Insight Tag
LinkedIn Corp.
Analysis of LinkedIn campaigns, audience building
Consent (Art. 6 (1) lit. a) GDPR)
180 days
USA
Google LLC
Google reCAPTCHA
Protection against automated access (bots)
Consent (Art. 6 (1) lit. a) GDPR)
Session
USA
§ 5 Use of Specific Tools and Services
(1) Borlabs Cookie
We use the cookie consent tool “Borlabs Cookie” from Borlabs GmbH, Hamburger Str. 11, 22083 Hamburg, on our website. This tool serves to obtain, manage, and document your consent for storing and accessing information on your device, as well as for processing personal data. For this purpose, Borlabs Cookie sets a technically necessary cookie that stores your consent decision or any revocation. This cookie does not store any personal data.
The legal basis for the use of Borlabs Cookie is Art. 6 (1) lit. c) GDPR (fulfillment of a legal obligation to document consent, Art. 7 (1) GDPR) and § 25 (2) No. 2 TDDDG (technically necessary cookie).
(2) Hosting by Hostinger
Our website is hosted by Hostinger, a service of Hostinger International Ltd., 61 Lordou Vironos Street, 6023 Larnaca, Cyprus. Hostinger provides the technical infrastructure for the operation of our website, in particular web servers, storage space, and databases. When you visit our website, certain data is automatically processed, e.g., IP address, time of access, pages viewed, and technical information about the browser. This data is stored on Hostinger’s servers. Hostinger processes the data exclusively according to our instructions and within the framework of a data processing agreement pursuant to Art. 28 GDPR.
Data processing is carried out on the basis of Art. 6 (1) lit. f) GDPR. Our legitimate interest lies in the secure, stable, and efficient provision of our website.
Third-country transfer:
Hostinger also operates data centers outside the EU/EEA. In this case, data transfer takes place on the basis of the EU Standard Contractual Clauses (pursuant to Art. 46 GDPR) to ensure an adequate level of data protection.
Further information on data protection at Hostinger can be found at: https://www.hostinger.de/datenschutzerklarung
(3) Google reCAPTCHA
We use Google reCAPTCHA on our website. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The service serves to protect our website from spam and abuse (e.g., through automated entries in forms). For analysis, reCAPTCHA checks various information about user behavior (e.g., IP address, mouse movements, dwell time, screen resolution, language settings, possibly existing Google cookies). The analysis starts automatically as soon as a page with reCAPTCHA is loaded. The collected data is transmitted to Google servers.
Data processing takes place – where necessary – on the basis of your consent pursuant to Art. 6 (1) lit. a) GDPR in conjunction with § 25 (1) TDDDG (storage of or access to information on the end device). If no consent is obtained, processing is based on our legitimate interest in preventing abuse and spam pursuant to Art. 6 (1) lit. f) GDPR.
Google bases any data transfers to third countries on so-called Standard Contractual Clauses (Art. 46 GDPR) to ensure an adequate level of data protection.
Further information can be found in Google’s privacy policy: https://policies.google.com/privacy?hl=de and at: https://www.google.com/recaptcha/about/.
(4) Google Analytics
We use Google Analytics 4 on our website, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics enables us to analyze the behavior of website visitors to improve our offering. This includes, among other things, IP address, user behavior, pages viewed, click behavior, origin (referrer), device used, and browser data. Google Analytics uses technologies such as cookies and so-called “events” to collect information about your use of our website. The information generated by these technologies can be transferred to Google servers in the USA and stored there.
We have activated IP anonymization on this website, so your IP address is truncated within the European Union or the EEA before it is transmitted to Google.
The processing of your data takes place on the basis of your consent pursuant to Art. 6 (1) lit. a) GDPR and § 25 (1) TDDDG (consent to store information on the end device). You can revoke your consent at any time by adjusting your cookie settings.
The transfer of data to the USA takes place on the basis of the Standard Contractual Clauses approved by the EU Commission (Art. 46 GDPR). Google thereby commits to ensuring a level of protection corresponding to the EU data protection level.
Further information on data processing by Google can be found at: https://policies.google.com/privacy?hl=de.
(5) Google Ads (Conversion Tracking)
Our website uses the online advertising program Google Ads (formerly Google AdWords) and, in this context, conversion tracking. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
If you click on a Google ad, a conversion tracking cookie is placed on your device. This cookie expires after 30 days and is not used for personal identification. If you visit certain pages of our website within this period, Google and we can recognize that you clicked on the ad and were redirected to a specific landing page.
Each Google Ads customer receives an individual conversion cookie. Tracking across websites of different Ads customers is not possible. The information obtained with the help of the cookie is used to generate conversion statistics – for example, how many users clicked on an ad and landed on a conversion page. No personal information that allows direct identification is transmitted in this process.
The use of Google Ads Conversion Tracking is based on your consent in accordance with Art. 6 para. 1 lit. a) GDPR and § 25 para. 1 TDDDG (consent to the setting of cookies). You can revoke your consent at any time via your cookie settings.
Data transfer to third countries:
In the context of using Google Ads, personal data may be transferred to Google servers in the USA. Google relies on the standard contractual clauses approved by the EU Commission (Art. 46 GDPR) to ensure an adequate level of data protection.
Further information on data protection at Google can be found at: https://policies.google.com/privacy?hl=de.
(6) Google Search Console
We use Google Search Console, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Search Console helps us monitor and optimize the visibility of our website in Google Search, for example, by analyzing search terms, click numbers, impressions, and average positions. These are aggregated data, not personal data, provided exclusively by Google. Google Search Console does not collect data from visitors to our website, and no tracking code is integrated on our site.
The use of Search Console is based on our legitimate interest in accordance with Art. 6 para. 1 lit. f) GDPR to ensure the technical and content optimization of our website for search engines.
Further information on data protection at Google can be found at: https://policies.google.com/privacy?hl=de.
(7) Google Fonts (local)
We use Google Fonts on our website, which we have integrated locally on our server for data protection reasons. As a result, no connection is established to Google servers, and no personal data (e.g., IP addresses) is transmitted to Google.
The local integration of fonts enables us to present our website consistently and visually appealing across various devices and browsers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f) GDPR.
(8) Google Tag Manager
Our website uses Google Tag Manager from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). Google Tag Manager is a tag management system that manages and triggers other services such as analytics or marketing tools. This may involve the transmission of personal data (e.g., IP address) to Google. Google Tag Manager itself does not store personal data or set cookies. Nevertheless, its use requires consent, as it reloads tracking services that can process personal data. Therefore, Google Tag Manager is only activated with your explicit consent, which you can provide via our cookie banner and revoke at any time.
The legal basis is your consent in accordance with Art. 6 para. 1 lit. a) GDPR, § 25 para. 1 TDDDG.
Data transfer to third countries:
To the USA, based on the standard contractual clauses according to Art. 46 GDPR.
Further information: https://support.google.com/tagmanager
(9) LinkedIn Insight Tag
On our website, we use the LinkedIn Insight Tag from LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. This tag helps us measure campaign success, re-engage visitors to our website via LinkedIn (retargeting), and obtain demographic information about users, provided they are registered with LinkedIn.
When visiting a page where the Insight Tag is integrated, a connection to LinkedIn’s servers is established. Personal data such as IP address, device information, referrer URL, timestamp, and page views are collected. If you are logged into LinkedIn, LinkedIn can associate the website visit with your user account.
The use of the LinkedIn Insight Tag is based on your consent in accordance with Art. 6 para. 1 lit. a) GDPR and § 25 para. 1 TDDDG (consent to the storage of or access to information on your device). You can revoke your consent at any time via your cookie settings.
Data transfer to third countries:
The collected data may be transferred to LinkedIn servers in the USA and other third countries. LinkedIn uses EU standard contractual clauses in accordance with Art. 46 GDPR to ensure an adequate level of data protection.
Further information on data protection at LinkedIn can be found at: https://www.linkedin.com/legal/privacy-policy.
(10) Meta Pixel (Facebook/Instagram)
On our website, we use the Meta Pixel (formerly Facebook Pixel) from Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. With the help of this tool, we can analyze the behavior of website visitors to measure the effectiveness of our advertisements on Facebook and Instagram, target specific audiences, and display personalized advertising.
When you visit our website, a connection to Meta’s servers can be established via the Meta Pixel. Personal data such as IP address, device information, browser details, visited pages, referrer URL, timestamp, and Pixel ID are collected. If you are logged into Facebook or Instagram or have a corresponding profile, this information can be assigned to your user account.
The use of the Meta Pixel is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG (consent to the storage of and access to information on your device). You can revoke your consent at any time via your [Cookie Settings].
Data transfer to third countries:
Meta may also transfer the data collected via the Pixel to third countries (especially the USA). For this purpose, Meta relies on the standard contractual clauses approved by the EU Commission in accordance with Art. 46 GDPR to ensure an adequate level of data protection.
Further information on data protection at Meta can be found at: https://www.facebook.com/policy.php.
§ 6 Information on Social Media
(1) We are represented on several social media platforms with our own company page. The following platforms are used by us, among others: LinkedIn, X (formerly Twitter), or Instagram.
(2) Through this, we aim to offer further opportunities for information and communication. Further information can be found in our Social Media Privacy Notices: Nect | Privacy Notices for Facebook, Instagram and others.
§ 7 Videos
(1) For embedding videos, we use the provider Vimeo. Vimeo is operated by Vimeo.com, Inc. with its headquarters at 330 West 34th Street, 5th Floor New York, New York 10011, USA.
(2) We use this service within our online presence based on our legitimate interest. This legitimate interest lies in the analysis, optimization, and economic operation of our online presence. The legal basis is Art. 6 para. 1 lit. f) GDPR. Furthermore, the storage of information on the end device or access to information already stored on the end device is absolutely necessary for us to be able to provide a video explicitly requested by you. The legal basis is § 25 para. 2 no. 2 TDDDG.
(3) For the purpose and scope of data collection and further processing and use of data by Vimeo, as well as your related rights and setting options for protecting your privacy and information on data protection by Vimeo, please refer to:
§ 8 Provision of Free Information or Events
(1) If we provide you with free information and knowledge content in the context of online events such as recorded or live webinars or via an online form, we require your personal data to be able to provide you with our offer. If you do not provide us with this data, participation in the webinar, for example, will not be possible. To conduct webinars via the internet, we rely on the solution from Vimeo (Vimeo Interactive Video Experience Platform, Inc., 330 West 34th Street, 5th Floor, New York, New York 10001, USA privacy@vimeo.com).
(2) By registering, you expressly agree that your personal data may be processed for marketing purposes and used by Nect to contact you via email or telephone.
(3) The following of your data will be collected: Depending on the request
First and last name,
Company name,
Phone number,
Email address.
Furthermore, as the host, we are shown the following analyses of individual participants’ viewer activities via Vimeo: Watch Time, questions asked in the Q&A session, and answers to surveys within the webinar. Additionally, Vimeo provides us, as the host, with analyses of the total viewership, e.g., audience numbers, without drawing conclusions about individual participants.
Following a webinar, you will automatically receive the recording link for the webinar via email from Vimeo.
(4) Your data will be processed for the following purposes:
Provision of free information,
Participation in and execution of free online events such as webinars, relationship or customer care or support, and/or marketing.
(5) Legal basis(es):
In the event of a contract conclusion, the legal basis is Art. 6 para. 1 lit. b) GDPR.
Furthermore, for free webinars, the legal basis is Art. 6 para. 1 lit. f) GDPR.
Furthermore, your explicit declaration of consent allows us to contact you electronically for marketing activities (advertising).
(6) Storage duration: We store your personal data for as long as it is necessary to fulfill our legal obligations, but no longer than two years, or as long as consent has not been revoked.
(7) Your rights: We will gladly inform you whether personal data concerning you is being processed; if so, you have a right to information about this personal data and to the details listed in Art. 15 GDPR. Furthermore, under the respective legal conditions, you have the right to rectification (Art. 16 GDPR), the right to restriction of processing (Art. 18 GDPR), the right to erasure (Art. 17 GDPR), and the right to data portability (Art. 20 GDPR).
In accordance with Art. 21 para. 1 GDPR, you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is based on Art. 6 para. 1 lit. f) GDPR (data processing for the protection of a legitimate interest).
You can object to the use of your data for marketing activities using electronic mail at any time, without incurring costs other than the transmission costs at the basic rates.
In the event of your objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing serves the establishment, exercise, or defense of legal claims. You can revoke your consent to the processing of personal data at any time. Please note that the revocation is only effective for the future.
Without prejudice to these rights and the possibility of asserting any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority at any time, in particular in the Member State of your habitual residence, your place of work, or the place of the alleged infringement, if you consider that the processing of personal data relating to you infringes data protection regulations (Art. 77 GDPR).
(8) For the implementation of online events such as webinars, we collaborate with the video platform Vimeo. For the purpose and scope of data collection and further processing and use of data by Vimeo, as well as your related rights and setting options for protecting your privacy and information on data protection by Vimeo, please refer to:
Privacy Policy on Vimeo
§ 9 Job Applications
(1) Processor
You can apply for open positions with us online on the career portal. The career portal is operated on our behalf by softgarden e-recruiting GmbH
Germany (Tauentzienstraße 14 10789 Berlin; hereinafter: Softgarden). A data processing agreement in accordance with Art. 28 GDPR exists with Softgarden.
(2) Purposes and Legal Bases of Processing
We process your personal data in accordance with the provisions of the GDPR and the Federal Data Protection Act (BDSG), insofar as this is necessary for the application process. The legal basis for this is Art. 88 GDPR in conjunction with § 26 BDSG for the initiation or execution of employment relationships.
Furthermore, we may process your personal data if this is necessary to protect our legitimate interests or those of a third party, and if your interests or fundamental rights and freedoms, which require the protection of personal data, do not override them. Legitimate interests may include, for example:
- Defense or assertion of legal claims against or by us or third parties arising from the application process
- Ensuring IT security and IT operations
- Measures for building and facility security (such as access controls)
- Use of external service providers who process your personal data on our behalf
(3) Categories of Personal Data
We only process data that is related to your application. The processed data includes, in particular:
- Master data (e.g., name, address, contact details),
- Application documents (e.g., CV, certificates),
- Technical data (e.g., IP address, timestamp),
- Feedback from the application process.
We use the opt-in procedure for the use of the form. This means that we transmit your application data only if you have confirmed the data protection notice.
In the context of the online application process, technically necessary cookies may be used to ensure the functionality of the application portal (e.g., for session management). Further information on the use of cookies and tracking technologies can be found in § 4 and § 5 of this privacy policy.
(4) Sources of Data
We receive the data either directly from you or through recruitment agencies commissioned by you.
(5) Recipients of Data
Your data will only be passed on to internal departments involved in the application process. Furthermore, processing is carried out by Kenjo GmbH within the framework of a data processing agreement in accordance with Art. 28 GDPR. In these cases, we ensure that the processing complies with the provisions of the GDPR. Otherwise, data will only be transferred to recipients outside the company if legal provisions permit or require it, if the transfer is necessary for the processing and thus for the fulfillment of the application process, if we have your consent, or if we are authorized to provide information.
(6) Location of Data Processing
A transfer to third countries only takes place in compliance with the requirements of Art. 44 et seq. GDPR, e.g., on the basis of an adequacy decision or standard contractual clauses.
(7) Duration of Data Storage
The data will be stored until the application process is completed. The data will be deleted after six months at the latest. In individual cases, a storage period may extend beyond the decision on the establishment of the intended contractual relationship. This would be the case, for example, if there are indications that you will assert claims against us. The data will then be stored for as long as the processing of the data is necessary for the assertion, exercise, or defense of legal claims. Criteria for the storage period may include deadlines under laws such as Section 15 (4) sentence 1 of the General Equal Treatment Act, Section 61b of the Labor Court Act, limitation periods, or statutory retention obligations. Storage may also occur if this is provided for or prescribed by the European or national legislator in Union law regulations, laws, or other provisions to which the controller is subject.
(8) Your rights under Art. 15 et seq. GDPR
As an applicant, you naturally have the opportunity to exercise your data subject rights under the GDPR. Further information can be found here: https://nect.com/de/privacy-concern/ and in Section 11 of this Privacy Policy.
(9) Necessity of Providing Personal Data
The provision of personal data within the application process is not legally required. You are therefore not obliged to provide information about your personal data. However, please note that this data is necessary for the application process. If you do not provide us with personal data, we cannot conduct an effective application process with you. We recommend providing only such personal data that is necessary for initiating and carrying out the application.
(10) Automated Decision-Making
No automated decision-making within the meaning of Art. 22 GDPR takes place.
Section 10 Data Transfer
Insofar as personal data is transferred under this Privacy Policy to a country that is neither a member state of the European Union nor a contracting state to the Agreement on the European Economic Area (third country), this is done on the basis of an adequacy decision by the EU Commission or by using standard data protection clauses in accordance with Art. 46 GDPR. When using standard data protection clauses, we aim to implement additional measures to protect your data, where necessary.
Section 11 Your Rights
(1) You have the following rights against us regarding your personal data:
- Right of access,
- Right to rectification or erasure,
- Right to restriction of processing,
- Right to data portability.
(2) If we process your data to protect legitimate interests, you may object to this processing for reasons arising from your particular situation. We will then no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing serves the assertion, exercise, or defense of legal claims.
(3) You also have the right to lodge a complaint with a data protection supervisory authority regarding our processing of your personal data. You can contact the supervisory authority at our company’s registered office for this purpose. The competent supervisory authorities can be found under the following link on the internet: Addresses and Links – Addresses and Links
Section 12 Right to Revoke Consent to Data Processing
If you have given consent to the processing of your data, you can revoke it at any time with future effect without stating reasons. Such a revocation affects the lawfulness of the processing of your personal data after you have expressed it to us. You can inform us of your revocation using the following contact details: the company Nect GmbH, Großer Burstah 21, 20457 Hamburg, privacy@darkgreen-armadillo-251331.hostingersite.com, see also under Imprint.
Section 13 Data Security
(1) During website visits, we use the widespread SSL (Secure Socket Layer) procedure in conjunction with the highest encryption level supported by your browser. This is usually 256-bit encryption. If your browser does not support 256-bit encryption, we resort to 128-bit v3 technology instead. You can recognize whether an individual page of our website is transmitted encrypted by the padlock symbol in your browser’s address bar.
(2) Furthermore, we employ appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
Section 14 Validity
This Privacy Policy is currently valid and is as of June 2025. Due to the further development of our website and its offerings or due to changed legal or regulatory requirements, it may become necessary to amend this Privacy Policy. The currently valid Privacy Policy can be accessed at any time at https://nect-gmbh.com/datenschutz.
As of: June 2025