Career counselling, career advice, personnel placement
Arrive at the right place professionally.
DATA PROTECTION
I. Name and contact details of the controller
The controller within the meaning of the General Data Protection Regulation (GDPR), other national data protection laws of the member states and other data protection regulations is:
Basicfox
Lisa Vollrath
Karl-Rothe-Str. 11 (rear building)
04105 Leipzig
Germany
E-mail: mail@basicfox.com
Website: www.basicfox.com
II. General information on data processing
1. Scope of personal data processing
In principle, Basicfox processes personal data of the users of this website only to the extent necessary to provide a functional website and our content and services. The processing of personal data of our users takes place regularly only with the consent of the user. An exception applies in cases where it is not possible to obtain prior consent for practical reasons and the processing of the data is permitted by law.
2. Legal basis for the processing of personal data
Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 (1) point a GDPR serves as the legal basis.
When processing personal data that is necessary for the performance of a contract to which the data subject is party, Art. 6 (1) lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.
Insofar as the processing of personal data is required to fulfil a legal obligation to which our company is subject, Art. 6 (1) lit. c GDPR serves as the legal basis. In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 (1) lit. d GDPR serves as the legal basis.
If processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Art. 6 para. 1 lit. f GDPR serves as the legal basis for processing.
3. Data erasure and storage period
The personal data of the data subject will be deleted or blocked as soon as the purpose of storage no longer applies. Storage beyond this period is possible if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the controller is subject. Blocking or deletion of the data also takes place when a storage period prescribed by the standards mentioned expires, unless there is a need for further storage of the data for the conclusion or fulfilment of a contract.
III. Provision of the website and creation of log files
1. Description and scope of data processing
Each time our website is accessed, our system automatically collects data and information from the accessing computer system.
The following data is collected:
- IP address of the requesting computer
- Date and time of access
- Name and URL of the retrieved file
- Website from which access is made (referrer URL)
- Websites accessed by the user's system via our website
- Browser used and the operating system of the requesting computer as well as
- the name of the access provider
​
2. Legal basis for data processing
The legal basis for the temporary storage of data and log files is a legitimate interest in accordance with Art. 6 (1) point f GDPR.
3. Purpose of data processing
The storage in log files is done to ensure the functionality of the website. In addition, the data helps us to optimise the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.
4. Duration of storage
The deletion of the data by our webhoster ‘Wix.com’ takes place as soon as the purpose of its collection has been fulfilled. Further information on the handling of the transferred data can be found at: https://de.wix.com/about/privacy.
5. Objection and removal option
The collection of data for the provision of the website and the storage of data in log files is essential for the operation of the website. Consequently, there is no possibility for the user to object.
IV. Use of the services of ‘Wix.com’ as a web host
​
1. Description and scope of data processing
On our website, we use the web service of Wix.com Ltd., Nemal St. 40, 6350671 Tel Aviv, Israel, in particular the services at ‘wixstatic.com’ and ‘Parastorage.com’.
We use these services to ensure that our website is fully functional. In this context, your browser may transmit personal data – such as your IP address – to Wix.com, wixstatic.com and Parastorage.com.
According to the EU Commission, the State of Israel provides an adequate level of protection for the transfer of personal data from the European Union.
Wix.com ensures that personal data is handled in accordance with data protection regulations and, in this context, provides a data processing agreement in accordance with the GDPR when the respective service agreement is concluded.
However, according to its own information, Wix.com also processes data in the USA and thus risks regarding the lawfulness and security of the processing of personal data exist. Wix.com submits to the so-called standard contractual clauses (SCC) and thus offers a measure - with regard to data protection-compliant data transfer to the USA.
2. Legal basis for data processing
The legal basis for data processing is Art. 6 para. 1 lit. f DSGVO. The legitimate interest consists in the error-free functioning of the website.
3. Purpose of data processing
We use these services to ensure the full functionality of our website.
4. Duration of storage
Wix.com deletes the data as soon as the purpose of its collection has been fulfilled. Further information on the handling of the transferred data can be found at: https://de.wix.com/about/privacy.
5. Objection and removal option
You can prevent Wix.com from collecting and processing your data by disabling the execution of script code in your browser or by installing a script blocker in your browser. For more information, please visit: www.noscript.net or www.ghostery.com).
V. E-mail contact & contact form
1. Description and scope of data processing
On our website you have the option to write to basicfox directly by email. Furthermore, there is a contact form that can also be used for electronic contact. If a user makes use of this option, the data entered in the input mask is transmitted to us and stored. These data are: name, email address, optionally the phone number and the respective message. At the time of sending the message, the IP address and the date and time of registration are also stored.
In this context, the data is not passed on to third parties. The data is used exclusively for processing the conversation.
2. Legal basis for data processing
The legal basis for the processing of data transmitted in the course of sending an e-mail or using a contact form is our legitimate interest in accordance with Art. 6 (1) point f GDPR.
If the purpose of the e-mail contact is to conclude a contract, the additional legal basis for the processing is Art. 6 (1) point b GDPR.
3. Purpose of data processing
The purpose of processing personal data in connection with establishing contact via e-mail or using the contact form is to record data of interested parties with the aim of concluding a contract and answering questions.
4. Duration of storage
E-mails are deleted by basicfox every six months. E-mails that belong to the categories ‘business letters’ and ‘accounting documents’ are excluded from this deletion period. In these cases, the regulations regarding the retention periods according to § 147 AO and § 257 HGB apply.
5. Objection and removal option
The user has the option to object to the storage of their personal data at any time. In such a case, the conversation by email cannot be continued.
The objection can be made informally by email to basicfox.
All personal data stored in the course of the email contact will be deleted in this case. The data will be deleted provided that there are no legal retention periods that prevent this.
VI. E-mail contact for applications
1. Description and scope of data processing
If you apply for an advertised position at basicfox by e-mail or send us an unsolicited application by e-mail, your details will be used exclusively for processing your application.
The collected data, such as your email address, the text in the subject line and in the message field as well as the attachments sent are forwarded within our company to the responsible departments that have been entrusted with processing the application. Your data will not be passed on to third parties.
2. Legal basis for the processing of personal data
The legal basis for the processing of your application data for the stated purpose is Art. 6 para. 1 lit. b GDPR. Without the data processing, we cannot process your application and cannot carry out the application procedure.
3. Purpose of the data processing
The aim of an application procedure is to find a suitable person for the vacant position. By submitting your application documents, you are expressing an interest in the advertised position and giving basicfox the opportunity to get an overview of your suitability for this position and to decide on the next steps in the application process.
If you send us an unsolicited application, we will be happy to consider it in further application processes, provided that you have given us your consent to store your unsolicited application documents.
4. Duration of storage
If no employment contract is concluded, your application documents will be deleted six months after the application process has ended. We require your consent to include your documents in our applicant pool and thus to store your documents for a longer period.
5. Objection and removal options
The user has the option to object to the storage of their personal data at any time. In such a case, the processing of your application cannot be continued.
The objection can be made informally by email to basicfox.
All personal data stored by email in the course of the application will be deleted in this case. The prerequisite for the deletion of the data is that there are no legal retention periods to the contrary.
VII. Links to social media sites
Description and scope of data processing
This website contains links to Facebook, Instagram, Xing and LinkedIn.
These are links and not plugins/like buttons, so no cookies are set for Facebook, Instagram, Xing and LinkedIn when you visit this website.
However, there is a possibility that personal data (e.g. the IP address of the visitor to the website) may be transmitted to Facebook, Instagram, Xing and LinkedIn when you click on these links.
This data may be processed by:
ïƒ Facebook (Facebook Ireland Ltd., 4 Grand Canal Square Grand Canal Harbour, Dublin 2, Ireland); data policy at :https://de-de.facebook.com/about/privacy/
ïƒ Instagram (Instagram LLC, 1 Hacker Way, Building 14 First Floor, Menlo Park, CA, USA);
Data protection information available at: https://help.instagram.com/155833707900388 and https://www.instagram.com/about/legal/privacy/
ïƒ Xing (New Work SE, Am Strandkai 1, 20457 Hamburg, Germany);
Data protection information available at: https://privacy.xing.com/de/datenschutzerklaerung and
ïƒ LinkedIn (LinkedIn Corporation, 2029 Stierln Court, Mountain View, CA 94043 USA) Data protection information at: https://legal.linkedin.com/pages-joint-controller-addendum.
We use a text to draw the attention of our website visitors to the links shown
to these possible data transfers.
2. Legal basis for data processing
The legal basis for the processing of data in the course of embedding links to Facebook, Instagram, Xing and LinkedIn is a legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR in referring visitors to the website to the social media sites of basicfox.
3. Purpose of data processing
The embedding of links to Facebook, Instagram, Xing and LinkedIn on this website serves to provide further information about basicfox on their social media sites.
4. Duration of storage
basicfox does not store any data in the course of linking to Facebook, Instagram, Xing and LinkedIn.
5. Objection and removal option
By clicking on the respective link, the website visitor accepts a possible data transfer to Facebook, Instagram, Xing and LinkedIn.
In this case, there is no possibility for the website visitor to object to or remove the data.
VIII. Google Fonts
1. Description and scope of data processing
We use fonts from Google Fonts (Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland). Google Fonts are hosted locally on a dedicated server belonging to Delphia Coaching's IT service provider. This means that Google Fonts does not set any cookies when you visit our website.
2. Legal basis for data processing
The legal basis for the use of Google Fonts is our legitimate interest in accordance with Art. 6 para. 1 lit. f DSGVO. (Hosting Google Fonts is done on the own server of the IT service provider of ‘Delphia Coaching’)
3. Purpose of data processing
Google Fonts is an important component for ensuring the quality of our website. All Google fonts are automatically optimised for the web to save data volume and is therefore a great advantage especially for use on mobile devices.
4. Duration of storage
Due to the local hosting of Google Fonts, no personal data of our website users is stored by Google Fonts.
IX. Use of cookies and third-party requests
Description and scope of data processing
Our website also uses persistent cookies. Persistent cookies are automatically deleted after a specified period, which may differ depending on the cookie.
Furthermore, third-party cookies are set on our website. These types of cookies provide services and features of the website that have been developed by ‘third-party providers’ (or other websites/organisations). These third-party cookies are generated by integrated plugins or technologies from the corresponding organisations. We have no influence on the cookies and privacy settings of these services or organisations and expressly point out that the services we use from third-party providers are subject solely to their respective cookie and data protection guidelines.
Our website is hosted on the Wix.com platform. Wix.com provides us with the online platform and also sets its own cookies. You can find out exactly which cookies these are by clicking on the following link:
https://support.wix.com/de/article/cookies-und-deine-website-bei-wix
A complete privacy policy of wix.com can be found at:
https://de.wix.com/about/privacy#
Third-party requests are requests to a domain that is not basicfox.com or one of its subdomains. Specifically, these are storage locations for images, videos and other files needed to operate websites on the Wix platform. These resources are hosted on a content delivery network (CDN) to ensure fast and reliable delivery of content.
2. Legal basis for data processing
The legal basis for the processing of personal data using technically necessary cookies and technically necessary third-party requests is Art. 6 para. 1 lit. f GDPR. For all other cookies and services for which we require your consent, Art. 6 para. 1 lit. a is the legal basis for processing your personal data.
3. Purpose of data processing
The purpose of using technically necessary cookies is to make it easier for users to use websites. Other cookies that are set and require consent are used for tracking and analysis purposes.
4. Duration of storage, right to object and right to erasure
Cookies are stored on the user's computer and transmitted by it to the website. Therefore, you as a user also have full control over the use of cookies. By changing the settings in your internet browser, you can disable or restrict the transmission of cookies. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are disabled for our website, it is possible that not all of the website's functions can be used to their full extent.
XI. Links to other websites
We have included various links to other websites.
This data protection declaration does not regulate the collection, disclosure or handling of personal data on other websites by third parties. Please check the data protection declaration of the respective responsible party.
XI. Rights of the data subject
If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:
1. Right of access
You have the right to obtain from the controller confirmation as to whether or not personal data concerning you are being processed by the controller.
Where that is the case, you have the right to request access to the personal data and the following information from the controller:
- the purposes of the processing;
- the categories of personal data concerned;
- the recipients or categories of recipient to whom the personal data
personal data concerning you has been or will be disclosed
;
- the planned duration of the storage of the personal data concerning you
or, if specific information on this is not possible, criteria for determining the
storage duration;
- the existence of a right to correction or deletion of the personal data concerning you,
a right to restriction of processing by the
controller or a right to object to such processing;
- the existence of a right of appeal to a supervisory authority;
- all available information as to the source of the data, if the personal
data are not collected from the data subject;
- the existence of automated decision-making, including profiling, in accordance with
Art. 22 para. 1 and 4 GDPR and, at least in these cases, meaningful
information about the logic involved as well as the scope and intended
effects of such processing for the data subject.
You have the right to request information about whether your personal data is transferred to a third country or to an international organisation. In this context, you can request to be informed of the appropriate guarantees in accordance with Art. 46 GDPR in connection with the transfer.
2. Right to rectification
You have the right to request the data controller to rectify and/or complete the data if the personal data processed concerning you is incorrect or incomplete. The data controller must carry out the rectification without delay.
3. Right to restriction of processing
You have the right to request the restriction of the processing of personal data concerning you where one of the following applies:
if you dispute the accuracy of the personal data concerning you for a period of time
that enables the controller to verify the accuracy of the
personal data;
if the processing is unlawful and you refuse to delete the personal data
and instead demand the restriction of the use of the personal data
;
if the controller no longer needs the personal data for the purposes of the processing
but you require them for the establishment, exercise or defence of
legal claims, or
- if you have objected to the processing pursuant to Article 21(1) GDPR
and it has not yet been verified whether the legitimate grounds of the controller
override your grounds.
Where processing of personal data concerning you has been restricted, such data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
If the restriction of processing has been granted in accordance with the above conditions, you will be informed by the controller before the restriction is lifted.
4. Right to erasure
a) Obligation to erase
You have the right to obtain from the controller the erasure of personal data concerning you without undue delay and the controller has the obligation to erase personal data without undue delay where one of the following grounds applies:
- the personal data concerning you are no longer necessary in relation to the purposes for which they were collected
or otherwise processed;
- you withdraw your consent on which the processing was based according to Art. 6 (1) a or
Art. 9 (2) a GDPR, and there is no other legal ground for
the processing;
- You object to the processing in accordance with Art. 21 (1) GDPR and there are
no overriding legitimate reasons for the processing, or you object to the processing in accordance with
Art. 21 (2) GDPR;
- the personal data concerning you has been processed unlawfully
- the deletion of personal data concerning you is necessary to fulfil a
legal obligation under European Union law or the law of the Member States
to which the controller is subject;
- the personal data concerning you has been collected in relation to information society services
pursuant to Art. 8 (1) GDPR.
b) Information to third parties
If the controller has made the personal data concerning you public and is obliged pursuant to Art. 17 (1) of the GDPR, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that you, as the data subject, have requested the erasure by such controllers of any links to, or copy or replication of, those personal data.
c) Exceptions
The right to erasure does not apply to the extent that processing is necessary
- for exercising the right of freedom of expression and information;
- for compliance with a legal obligation which requires processing by Union or
Member State law to which the controller is subject or for
the performance of a task carried out in the public interest or in the exercise of
official authority vested in the controller;
for reasons of public interest in the area of public health in accordance with
Art. 9 Sect. 2 lit. h and i as well as Art. 9 Sect. 3 GDPR;
for archiving purposes in the public interest, scientific or historical
research purposes or statistical purposes in accordance with Art. 89 Sect. 1 GDPR insofar as the
under Section a) is likely to render impossible or seriously impair the realisation of the objectives of that
processing, or
- for the assertion, exercise or defence of legal claims.
5. Right to information
If you have asserted the right to rectification, erasure or restriction of processing against the controller, the controller is obliged to communicate any rectification or erasure of personal data or restriction of processing to each recipient to whom the personal data concerning you have been disclosed, unless this proves impossible or involves disproportionate effort.
You have the right to request the data controller to be informed about these recipients.
6. Right to data portability
You have the right to receive the personal data concerning you, which you have provided to the data controller, in a structured, commonly used and machine-readable format. You also have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where
- the processing is based on consent pursuant to point (a) of Article 6(1) GDPR or point (a) of Article 9(2)
GDPR or on a contract pursuant to point (b) of Article 6(1) GDPR and
- the processing is carried out by automated means.
In exercising this right, you also have the right to have the personal data concerning you transmitted directly from one controller to another, where technically feasible. This must not adversely affect the rights and freedoms of others.
The right to data portability shall not apply to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
7. Right to object
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) GDPR, including profiling based on those provisions. The controller will no longer process the personal data concerning you unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims. Where personal data concerning you are processed for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing. Where you object to processing for direct marketing purposes, the personal data concerning you shall no longer be processed for such purposes.
You have the option, in the context of the use of information society services, and notwithstanding Directive 2002/58/EC, to exercise your right to object by automated means using technical specifications.
8. Right to revoke the declaration of consent under data protection law
You have the right to revoke your declaration of consent under data protection law at any time. The withdrawal of consent shall not affect the lawfulness of the
processing carried out on the basis of consent until withdrawal.
9. Automated individual decision-making, including profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
This shall not apply if the decision
- is necessary for entering into, or performance of, a contract between you and the
controller,
- is authorised by Union or Member State law to which the
controller is subject and which also lays down suitable
measures to safeguard your rights and freedoms and your legitimate
interests or
- with your express consent.
However, these decisions must not be based on special categories of personal data pursuant to Art. 9 (1) GDPR, unless Art. 9 (2) lit. a or g GDPR applies and appropriate measures have been taken to protect rights and freedoms and your legitimate interests.
In the cases referred to in (1) and (3), the controller shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express his or her point of view and to contest the decision.
10. Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the member state of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.
The supervisory authority with which the complaint has been lodged informs the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Article 78 of the GDPR.
XII. Changes to this privacy policy
basicfox reserves the right to change this privacy policy at any time with effect for the future. The current version is available on our website.
As of: 18 June 2024