Data Protection Officer of the EOS Group
We handle your data with care.
1. Name and contact data of body responsible for processing (‘data controller’) and company data protection officer
EOS Holding GmbH
20099 Hamburg, Germany
Phone: +49 40 2532-8657
Fax: +49 40 2532-8658
Managing Directors: Klaus Engberding (Chairman), Justus Hecking-Veltman, Andreas Kropp, Marwin Ramcke and Dr Andreas Witzig
Court of registration: Hamburg HRB 124 966
VAT ID no.: DE 813 348 056
The data protection officer for the company EOS Holding GmbH can be contacted at the above address (please include the line ATTENTION: EOS Holding GmbH – eos-karriere.de) or by email at firstname.lastname@example.org.
You can find general information on data security for applicants here.
3. Collection and storage of personal data and nature and purpose of their processing
a. When you visit the website
When you retrieve our website (www.eos-karriere.de) the browser used on your device automatically sends information to our website’s server. This information is temporarily saved in a log file. The following information is collected without your intervention and saved until it is automatically deleted after three (3) days:
- IP address of retrieving computer,
- date and time of access,
- name and URL of retrieved file,
- website from which access occurred (referrer URL),
- website retrieved from our website,
- your computer’s browser and possibly operating system as well as name of your access provider.
The aforementioned data are processed by us for the following purposes:
- to ensure trouble-free connection establishment to the website,
- to ensure comfortable use of our website,
- to analyse the system security and stability, and
- for other administrative purposes.
The legal basis for processing of the data is Art. 6(1) Sent. 1 (f) of the GDPR. Our legitimate interest follows from the purposes for data collection listed above. Under no circumstances do we use the collected data for the purpose of drawing conclusions about you.
b. When you contact us by email
You can contact us with questions of any kind via the provided email address(es).
If you do so the personal data transmitted via the email are saved. The legal basis for data processing for the purpose of making contact is Art. 6(1)(f) of the GDPR. If contact is made for the purpose of concluding a contract an additional legal basis for processing is Art. (6)(1)(b) of the GDPR.
We delete the personal data collected by us after processing your enquiry provided we are not legally entitled or obligated to process it further.
4. Passing on of data
We only pass your personal data on to other companies of EOS Group or other third parties (recipients) if:
- you have provided your explicit consent for one or more specific purposes pursuant to Art. 6(1) Sent. 1 (a) of the GDPR,
- disclosure pursuant to Art. 6(1) Sent. 1 (f) of the GDPR is necessary for the assertion, exercising or defence of legal claims and there is no reason to assume that you have a primary protection-worthy interest in not having your data disclosed,
for the case that there is a legal obligation for disclosure pursuant to Art. 6(1) Sent. 1 (c) of the GDPR and
- it is legally permissible and necessary for fulfilment of contractual obligations pursuant to Art. 6(1) Sent. 1 (b) of the GDPR.
- we have the data processed on our behalf in compliance with Art. 28 of the GDPR.
Transmission of your personal data for purposes other than those listed above does not occur.
Cookies are divided up into the three categories of “Necessary,” “Statistics,” and “Marketing.”
Necessary cookies are necessary for the operation and the basic functioning of our website. In particular, they enable the security-relevant functionality of this website. These cookies are automatically deleted when you leave the website. The data processed through the aforementioned cookies are needed for the stated purposes for safeguarding our legitimate interests as well as those of third parties pursuant to Article 6(1)(f) of the GDPR.
Statistics cookies help us improve our offering and make it possible for us to design our website according to needs as well as continuously optimize it. For this, we collect anonymized data for statistics and analytics, for example, to determine site traffic, page view statistics, and user behavior and to adapt and improve our content and the website experience. The legal basis for this data processing is Article 6(1)(a) of the GDPR (consent).
We use marketing cookies so that we can provide you with relevant and interest-based content when you visit our website. The legal basis for this data processing is Article 6(1)(a) of the GDPR (consent).
Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a message always appears before a new cookie is placed.
Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a notification always appears before a new cookie is set. Each browser differs depending on what the cookie settings are. This is described in the respective browser’s help menu, which provides an explanation of how you can change your cookie settings. Click on the appropriate link below for the browser you are using:
However, if you completely deactivate cookies, you may not be able to use all of the features of our website.
We use the following cookies:
|Purpose:||Analysis of usage data|
|Cookie name:||_et_coid, BT_sdc, BT_pdc|
|Cookie expiration time:||2 years|
|Name:||Google Analytics Remarketing|
|Cookie expiration time||12 months|
|Provider:||Facebook Ireland Limited|
|Purpose:||Analysis of user behavior & retargeting of users coming via Facebook|
|Cookie expiration rime:||6 months|
You can object to the data processing described above at any time as long as it is related to your person. Your objection does not have any negative consequences for you. In addition, you can withdraw your consent at any time here.
6. Analysis tools
The tracking measures listed below and used by us are carried out on the basis of Art. 6(1) Sent. 1 (f) of the GDPR. We use these tracking measures to ensure that our website is designed according to requirements and optimised on an ongoing basis. We also use the tracking measures to collect statistics on the use of our website and analyse them for the purpose of optimising our offering for you. These interests are to be considered as being legitimate in the sense given in the aforementioned regulation.
The respective purposes for data processing and data categories can be found in the corresponding tracking tools in this section.
a. Adobe Typekit Webfonts
On this website we use external fonts from Typekit. Typekit is a web font service by the company Adobe. The integration of web fonts takes place through a script, which downloads the needed font from the Adobe server. No cookies are being placed or used when using Adobe Typekit. More information can be found in the data protection regulations of Adobe Typekit, which can be downloaded here: http://www.adobe.com/privacy/typekit.html
b. etracker web controlling
etracker The provider of this website uses the services of etracker GmbH, Hamburg, Germany (www.etracker.com) to analyse usage data. Here, cookies are used which enable the statistical analysis of the use of this website by its visitors as well as the display of usage-relevant content or advertising. Cookies are small text files that are stored by the Internet browser on the user’s device. etracker cookies do not contain any information that could identify a user. The data generated with etracker is processed and stored by etracker solely in Germany by commission of the provider of this website and is thus subject to strict German and European data protection laws and standards. In this regard, etracker was checked, certified and awarded with the ePrivacyseal data protection seal of approval.
As the privacy of our visitors is very important to us, etracker anonymizes the IP address as early as possible and converts login or device IDs into a unique key with which, however,no connection to any specific person can be made with. etracker does not use it for any other purpose, combine it with other data or pass it on to third parties. You can object to the outlined data processing at any time provided it is related to your person. Your objection has no detrimental consequences for you. The collection and storage of data may be refused at any time with respect to subsequent services Further information on data protection with etracker can be found here.
c. Google Analytics Remarketing
Our websites use the features of Google Analytics Remarketing in conjunction with the cross-device features of Google AdWords and Google DoubleClick. The provider is Google Ireland Limited (“Google”), with headquarters in Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.
This feature enables the advertising target audiences created with Google Analytics Remarketing to be linked with the cross-device features of Google AdWords and Google DoubleClick. In this way, interest-based, personalized marketing messages that were customized for you based on your previous usage and surfing behavior on one device (e.g., cell phone) can also be displayed on another one of your devices (e.g., tablet or PC).
If you have given the corresponding consent, Google will link your web and app browser history to your Google account for this purpose. In this way, the same personalized marketing messages can be placed on every device on which you sign into your Google account. To support this feature, Google Analytics records Google-authenticated user IDs, which are temporarily linked with our Google Analytics data so that target audiences for the cross-device advertising can be defined and created.
You can permanently object to cross-device remarketing/targeting by deactivating personalized ads in your Google account; to do so, click on this link.
The combining of the collected data in your Google account takes place solely on the basis of your consent, which you can grant to or revoke from Google (Article 6(1)(a) of the GDPR). For data collection processes that are not merged in your Google account (e.g., because you do not have a Google account or have objected to the merging), the collection of data is based on Article 6(1)(f) of the GDPR. The legitimate interest arises from the fact that the website operator has an interest in the anonymized analysis of website visitors for advertising purposes.
Google AdWords and Google Conversion Tracking
This website uses Google AdWords. AdWords is an online advertising program provided by Google Ireland Limited (“Google”), with headquarters in Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. Within the scope of Google AdWords, we use so-called conversion tracking. When you click on an ad placed by Google, a cookie for conversion tracking is set. Cookies are small text files that the web browser stores locally on the user’s computer. These cookies expire after 30 days and are not used for personal identification of users. If the user visits certain subpages of this website and the cookie has not yet expired, the fact that the user clicked on the ad and was directed to this subpage can be recognized by Google and us.
Each Google AdWords customer receives a different cookie. The cookies cannot be tracked via the websites of AdWords customers. The information gathered using the conversion cookie serves towards generation of conversion statistics for AdWords customers who have opted for conversion tracking. Each of the customers obtains information about the total number of users who clicked on the customer’s ad and were directed to a website provided with a conversion tracking tag. However, the customers do not receive any information allowing them to identify users personally. If you do not want to participate in tracking, you can easily object to this use by deactivating the Google conversion tracking cookie via the user settings in your web browser. You will not be included in the conversion tracking statistics after that.
Storage of “conversion cookies” takes place on the basis of Article 6(1)(f) of the GDPR. The website operator has a legitimate interest in analyzing the user behavior to optimize both its website and its advertising.
Objecting to Data Collection
You can prevent the collection of your data by Google Analytics by clicking on the following link: Deactivate Google Analytics.
7. Social media and YouTube
a. Shariff solution
We use Shariff buttons from social networks Facebook, Twitter, Google+, LinkedIn, Xing on our website. The buttons are simple HTML links. The procedure we use is within the framework of the Shariff solution. With the Shariff solution a script retrieves the number of times, e.g., the share button on a page has been clicked on: for this the script contacts the social network via the programming interfaces and retrieves the numbers.
None of your personal data are transmitted in the process. Rather than your IP address, only our server address is transmitted to Facebook, Google and Twitter. You only become directly connected to Facebook, Google or Twitter if you perform an action. Before that the social networks cannot collect any data about you. As long as you do not click on a link to share content, you remain invisible to the networks. If you click on a link, the obligation to provide information about data collection and processing no longer rests with us, but rather with the operator of the social network.
b. Facebook Pixel
A pixel for conversion measurement (website Custom Audience pixel) from Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, (“Facebook”), is integrated into this website. Through this pixel, information about the use of this website is collected by EOS Holding GmbH and Facebook under joint responsibility and transmitted to Facebook. This information can be assigned to your person with the help of further information that Facebook has saved about you, e.g., due to your ownership of an account on the social network “Facebook.” By means of the information collected via this pixel, interest-based ads related to our offerings can be displayed on your Facebook account (retargeting). The information collected via this pixel can also be aggregated by Facebook for its own advertising purposes and for the advertising purposes of third parties. Thus, Facebook can, e.g., infer certain interests from your surfing behavior on this website and also use this information to advertise offerings from third parties. Facebook can also connect the information collected via the pixel with other information that Facebook has collected about you, via other websites and/or in connection with the use of the social network “Facebook,” so that a profile about you can be saved by Facebook. This profile can be used for advertising purposes. Facebook is solely responsible for the permanent storage and the described further processing of the tracking data collected via the website Custom Audience pixel used on this website.
The legal basis for this data processing is Article 6(1)(a) of the GDPR.
More information on data protection at Facebook Ireland Limited can be found at https://www.facebook.com/policy.php. Here, you will also find the possibility of asserting your rights as a data subject (e.g., right to erasure) in relation to Facebook Ireland Limited. You can revoke your consent to the transmission of the data to Facebook Ireland Limited through the use of the pixel on this website here.
You can also deactivate the remarketing feature “Custom Audiences” in the ad settings at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. For this, you have to be logged into Facebook.
c. YouTube videos
Our website contains links to videos from Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. If you visit a website on our website that contains such a video, a direct connection is established between your browser and the YouTube server after you have activated the video.
8. Date subject rights
You have the right:
- pursuant to Art. 15 of the GDPR to request information about your personal data processed by us, in particular about the purposes for processing, the personal data category, the categories of the recipients to whom your data have been or will be disclosed, the planned retention duration, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if they were not collected by us and the existence of automated decision-making including profiling and if applicable meaningful information about their details;
- pursuant to Art. 16 of the GDPR to demand the immediate rectification of incorrect or completion of the personal data saved by us about you;
- pursuant to Art. 17 of the GDPR to demand the erasure of the personal data saved by us about you as long as processing is not necessary for exercising of the right to freedom of expression and information, for fulfilment of a legal obligation, for reasons of public interest or for assertion, exercising or defence of legal claims;
- pursuant to Art. 18 of the GDPR to demand the restriction of processing of your personal data as long as the accuracy of the data is questioned by you and processing is unlawful, but you reject their erasure and we no longer need the data, but you require them for assertion, exercising or defence of legal claims or you have filed an objection to the processing in accordance with Art. 21 of the GDPR;
- pursuant to Art. 20 of the GDPR to demand receipt in a structured, standard and machine-readable format of your personal data which you provided to us or transmission to another responsible party;
- pursuant to Art. 7(3) of the GDPR to withdraw the consent you previously granted us at any time. This has the consequence that we may not continue the data processing upon which this consent was based in the future and
- pursuant to Art. 77 of the GDPR to file a complaint with a supervisory authority. Usually you can contact the supervisory authority in your usual place of residence or workplace or our headquarters.
9. Right to object
If your personal data are processed on the basis of legitimate interests in accordance with Art. 6(1) Sent. 1 (f) of the GDPR you have the right pursuant to Art. 21 of the GDPR to object to the processing of your personal data as long as there are reasons arising from your particular situation for this or the objection is directed to direct advertising. In the latter case you have a general objection right which will be implemented by us without statement of any particular situation.
If you would like to make use of your right to withdraw or reject you only need to send an email to email@example.com.
10. Data Security
We use the widespread SSL (Secure Sockets Layer) protocol in connection with the highest encryption level supported by your browser when you visit our website. This is usually 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can recognize that a specific page on our website is being transmitted in encrypted form by the closed padlock or key icon in the lower status bar of your browser.
We also employ suitable technical and organizational security measures in order to protect your data against accidental or intentional manipulation, partial or total loss, destruction, or unauthorized access by third parties. We continuously update our security measures to keep pace with technological advances.