This privacy policy explains the nature, scope and purpose of the processing of personal data
(hereinafter referred to as "data") within our online offering and the associated websites, functions and content as well as external online presences,
such as our social media profiles (hereinafter referred to jointly as "Online Offering"). With regard to the terminology used,
such as “personal data” or their “processing”, we refer to the definitions in Art. 4 of the General Data Protection Regulation (GDPR).
Brandmonks GmbH
Breidenbacherstraße 8-10
D-55116 Mainz
Managing Director: Morten Babakhani
Telephone number: +49 6131 623 56 10
Email address: hello@jointhesapfamily.com
The person responsible for data processing is:
Christopher Günther
Email: hello@jointhesapfamily.com
Processing of special categories of data (Article 9 (1) GDPR):
In principle, no special categories of data are processed unless they are provided for processing by the users,
e.g. entered in online forms.
In the following, we refer to the data subjects collectively as “users”.
Status: 18.12.2018
In accordance with Art. 13 GDPR, we inform you of the legal basis for our data processing. If the legal basis is not stated in the privacy policy, the following applies:
We ask you to inform yourself regularly about the content of our privacy policy. We will adapt the privacy policy as soon as changes to the data processing we carry out make this necessary. We will inform you as soon as the changes require your cooperation (e.g., consent) or other individual notification.
3.1. In accordance with Art. 32 GDPR, we take appropriate technical and organizational measures to ensure a level of protection appropriate to the risk, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of processing as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons. These measures include, in particular, safeguarding the confidentiality, integrity and availability of data by controlling physical access to the data, as well as access to it, input, transfer, ensuring its availability and its separation.
Furthermore, we have established procedures that ensure the exercise of data subjects' rights, the deletion of data, and response to data threats. Furthermore, we consider the protection of personal data right from the development and selection of hardware, software, and processes, in accordance with the principle of data protection through design and data protection-friendly default settings (Article 25 GDPR). These security measures include, in particular, the encrypted transmission of data between your browser and our server.
4.1. If, as part of our processing, we disclose data to other persons and companies (contract processors or third parties), transmit it to them or otherwise grant them access to the data, this will only be done on the basis of legal permission (e.g. if transmission of the data to third parties, such as payment service providers, is necessary to fulfil the contract in accordance with Art. 6 (1) (b) GDPR), you have consented, a legal obligation provides for this or on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.).
4.2. If we commission third parties to process data on the basis of a so-called “order processing agreement”, this is done on the basis of Art. 28 GDPR.
If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if this occurs as part of the use of third-party services or disclosure or transmission of data to third parties, this will only occur if it is necessary to fulfill our (pre-)contractual obligations, on the basis of your consent, due to a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we will only process or have data processed in a third country if the special requirements of Art. 44 et seq. GDPR are met. This means that processing is carried out, for example, on the basis of special guarantees, such as the officially recognized determination of a data protection level equivalent to that of the EU (e.g. for the USA through the “Privacy Shield”) or compliance with officially recognized special contractual obligations (so-called “standard contractual clauses”).
6.1. You have the right to request confirmation as to whether the data in question is being processed and to obtain information about this data as well as further information and a copy of the data in accordance with Art. 15 GDPR.
6.2. According to Art. 16 GDPR, you have the right to request that the data concerning you be completed or that inaccurate data concerning you be corrected.
6.3. In accordance with Art. 17 GDPR, you have the right to request that the data in question be deleted immediately or, alternatively, to request that the processing of the data be restricted in accordance with Art. 18 GDPR.
6.4. You have the right to request that the data concerning you that you have provided to us be received in accordance with Art. 20 GDPR and to request that it be transmitted to other responsible parties.
6.5. You also have the right to lodge a complaint with the competent supervisory authority in accordance with Art. 77 GDPR.
You have the right to revoke consent given in accordance with Art. 7 (3) GDPR with effect for the future.
You may object to the future processing of your data at any time in accordance with Art. 21 GDPR. In particular, you may object to processing for direct marketing purposes.
We use temporary and permanent cookies, i.e., small files stored on users' devices (for an explanation of the term and function, see the last section of this privacy policy). Some of these cookies serve security purposes or are necessary for the operation of our online offering (e.g., for displaying the website) or to save the user's decision when confirming the cookie banner. In addition, we or our technology partners use cookies for reach measurement and marketing purposes, about which users are informed in the course of this privacy policy.
A general objection to the use of cookies used for online marketing purposes can be declared for a variety of services, especially in the case of tracking, via the US website www.aboutads.info or the EU website www.youronlinechoices.com. Furthermore, cookies can be blocked by deactivating them in the browser's system settings. Please note that in this case, not all functions of this website may be available.
10.1. The data we process will be deleted or restricted in accordance with Articles 17 and 18 of the GDPR. Unless expressly stated in this privacy policy, the data stored by us will be deleted as soon as it is no longer required for its intended purpose and there are no statutory retention periods that prevent deletion. If the data is not deleted because it is required for other legally permissible purposes, its processing will be restricted. This means that the data will be blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax law reasons.
10.2. Germany: According to legal requirements, records are retained for 6 years in accordance with Section 257 (1) of the German Commercial Code (HGB) (commercial books, inventories, opening balance sheets, annual financial statements, commercial letters, accounting documents, etc.) and for 10 years in accordance with Section 147 (1) of the German Fiscal Code (AO) (books, records, management reports, accounting documents, commercial and business letters, documents relevant for taxation, etc.).
11.1. We process inventory data (e.g., names and addresses as well as contact details of users), contract data (e.g., services used, names of contact persons, customer information) for the purpose of fulfilling our contractual obligations and providing services in accordance with Art. 6 (1) (b) GDPR. Entries marked as mandatory in online forms are required for the conclusion of the contract.
11.2. We process usage data (e.g., the websites visited on our website, interest in our products) and content data (e.g., entries in the contact form or user profile) for advertising purposes in a user profile in order to display product information to the user based on the services they have previously used.
11.3. Deletion occurs after expiration of statutory warranty and similar obligations; the necessity of retaining the data is reviewed every three years; in the case of statutory archiving obligations, deletion occurs after their expiration (end of commercial law (6 years) and tax law (10 years) retention period); information in the customer account remains until it is deleted.
12.1. When you contact us (via contact form or email), the user's information will be processed to process the contact request and its handling in accordance with Art. 6 (1) (b) GDPR.
12.2. User information may be stored in our Customer Relationship Management System (“CRM System”) or similar inquiry organization.
13.1. When users leave comments or other contributions, their IP addresses are stored for 7 days on the basis of our legitimate interests within the meaning of Art. 6 (1) (f) GDPR.
13.2. This is done for our security in case someone posts illegal content (insults, prohibited political propaganda, etc.) in comments or posts. In this case, we ourselves may be held liable for the comment or post and are therefore interested in the identity of the author.
Our website uses the “Akismet” service, provided by Automattic, Inc., 132 Hawthorne Street, San Francisco, CA 94107, USA. This service is used to distinguish between real people’s comments and spam comments. All comments are sent to a server in the USA, where they are analyzed and stored for four days for comparison purposes. If a comment is classified as spam, the data is stored beyond this time. This information includes the name entered, the email address, the IP address, the content of the comment, the referrer, information about the browser and computer system used, and the time of the comment.
Automattic is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (Privacy Shield).
Further information on the collection and use of data by Akismet can be found in Automattic’s privacy policy: https://automattic.com/privacy/.
Users are welcome to use pseudonyms or omit entering their name or email address. You can prevent the transmission of data entirely by not using our comment system. That would be a shame, but unfortunately, we don't see any other alternatives that are as effective.
15.1. Based on our legitimate interests within the meaning of Art. 6 (1) (f) GDPR, we collect data about every access to the server on which this service is located (so-called server log files). Access data includes the name of the accessed website, the file, the date and time of access, the amount of data transferred, a notification of successful access, the browser type and version, the user's operating system, the referrer URL (the previously visited page), the IP address, and the requesting provider.
15.2. Log file information is stored for security reasons (e.g., to investigate misuse or fraud) for a maximum of seven days and then deleted. Data that needs to be retained for evidentiary purposes is exempt from deletion until the respective incident has been finally resolved.
16.1. Based on our legitimate interests within the meaning of Art. 6 (1) (f) GDPR, we maintain online presences within social networks and platforms in order to communicate with customers, interested parties, and users active there and to inform them about our services. When accessing the respective networks and platforms, the terms and conditions and data processing guidelines of their respective operators apply.
16.2. Unless otherwise stated in our privacy policy, we process users' data if they communicate with us within the social networks and platforms, e.g. by writing posts on our online presence or sending us messages.
17.1. Cookies are pieces of information that are transferred from our web server or third-party web servers to users' web browsers and stored there for later retrieval. Cookies can be small files or other types of information storage.
17.2. We use "session cookies," which are stored only for the duration of your current visit to our website (e.g., to save your login status or the shopping cart function and thus enable the use of our online offering). A randomly generated, unique identification number, a so-called session ID, is stored in a session cookie. Furthermore, a cookie contains information about its origin and the storage period. These cookies cannot store any other data. Session cookies are deleted when you have finished using our online offering, for example, by logging out or closing the browser.
17.3. Users are informed about the use of cookies in the context of pseudonymous reach measurement in this data protection declaration.
17.4. If users do not wish cookies to be stored on their computer, they are asked to deactivate the corresponding option in their browser's system settings. Stored cookies can be deleted in the browser's system settings. Excluding cookies may lead to functional limitations of this online service.
17.5. You can object to the use of cookies for range measurement and advertising purposes via the Network Advertising Initiative deactivation page (http://optout.networkadvertising.org/) and additionally the US website (http://www.aboutads.info/choices) or the European website (http://www.youronlinechoices.com/uk/your-ad-choices) contradict.
18.1. Based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online offering within the meaning of Art. 6 (1) (f) GDPR), we use Google Analytics, a web analysis service provided by Google LLC ("Google"). Google uses cookies. The information generated by the cookie about the use of the online offering by users is usually transferred to a Google server in the USA and stored there.
18.2. Google is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (Privacy Shield).
18.3. Google will use this information on our behalf to evaluate the use of our website by users, to compile reports on the activities within this website, and to provide us with other services related to the use of this website and internet usage. Pseudonymous user profiles may be created from the processed data.
18.4. We only use Google Analytics with activated IP anonymization. This means that the user's IP address will be shortened by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.
18.5. The IP address transmitted by the user's browser will not be merged with other data held by Google. Users can prevent the storage of cookies by setting their browser software accordingly; users can also prevent Google from collecting the data generated by the cookie and relating to their use of the website, as well as from processing this data, by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=de.
18.6. For further information on Google’s use of data, settings and options for opting out, please visit Google’s websites:
https://www.google.com/intl/de/policies/privacy/partners (“Google’s use of data when you use our partners’ websites or apps”),
https://policies.google.com/technologies/ads (“Use of data for advertising purposes”),
https://adssettings.google.com/authenticated (“Manage information Google uses to show you ads”).
18.7. Furthermore, the personal data will be anonymized or deleted after 14 months.
19.1. Based on our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offering within the meaning of Art. 6 (1) (f) GDPR), we use the marketing and remarketing services (shortly “Google Marketing Services”) of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, (“Google”).
19.2. Google is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (Privacy Shield).
19.3. Google Marketing Services allow us to display advertisements for and on our website in a more targeted manner in order to only present users with ads that potentially match their interests. If, for example, a user is shown ads for products they were interested in on other websites, this is referred to as "remarketing". For these purposes, when you visit our website and other websites on which Google Marketing Services are active, Google immediately executes a code from Google and so-called (re)marketing tags (invisible graphics or code, also known as "web beacons") are integrated into the website. With their help, an individual cookie, i.e. a small file, is stored on the user's device (similar technologies can also be used instead of cookies). The cookies can be set by various domains, including google.com, doubleclick.net, invitemedia.com, admeld.com, googlesyndication.com or googleadservices.com. This file records which websites the user has visited, which content he is interested in and which offers he has clicked on, as well as technical information about the browser and operating system, referring websites, time of visit and other information about the use of the online service.
19.4. User data is processed pseudonymously within the framework of Google Marketing Services. This means that Google does not store and process, for example, the name or email address of users, but processes the relevant data cookie-related within pseudonymous user profiles. This means that, from Google's perspective, the ads are not managed and displayed for a specifically identified person, but for the cookie owner, regardless of who that cookie owner is. This does not apply if a user has expressly permitted Google to process the data without this pseudonymization. The information collected about users by Google Marketing Services is transmitted to Google and stored on Google's servers in the USA.
19.5. The Google marketing services we use include the online advertising program "Google AdWords." With Google AdWords, each AdWords customer receives a different "conversion cookie." Cookies cannot therefore be tracked across AdWords customers' websites. The information collected with the help of the cookie is used to compile conversion statistics for AdWords customers who have opted for conversion tracking. AdWords customers learn the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users.
19.6. We may also use the "Google Optimizer" service. Google Optimizer allows us to use so-called "A/B testing" to understand the impact of various changes to a website (e.g., changes to input fields, design, etc.). For these testing purposes, cookies are stored on users' devices. Only pseudonymous user data is processed.
19.7. We may also use the “Google Tag Manager” to integrate and manage Google analytics and marketing services on our website.
19.8. For more information about Google’s use of data for marketing purposes, please see the overview page: https://policies.google.com/technologies/ads – Google’s privacy policy is available at https://policies.google.com/privacy available.
19.9. If you wish to object to interest-based advertising through Google Marketing Services, you can use the settings and opt-out options provided by Google: https://adssettings.google.com/authenticated.
20.1. Within our online offering, the so-called “Facebook Pixel” of the social network Facebook, which is operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or if you are based in the EU, by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”), is used due to our legitimate interests in the analysis, optimization and economic operation of our online offering and for these purposes.
20.2. Facebook is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (Privacy Shield).
20.3. With the help of the Facebook pixel, Facebook is able to determine visitors to our online offering as a target group for displaying advertisements (so-called "Facebook ads"). Accordingly, we use the Facebook pixel to display the Facebook ads we place only to those Facebook users who have shown an interest in our online offering or who exhibit certain characteristics (e.g., interests in certain topics or products determined based on the websites visited) that we transmit to Facebook (so-called "custom audiences"). With the help of the Facebook pixel, we also want to ensure that our Facebook ads correspond to the potential interests of users and are not annoying.
20.4. With the help of the Facebook pixel, we can also track the effectiveness of Facebook ads for statistical and market research purposes by seeing whether users were redirected to our website after clicking on a Facebook ad (so-called “conversion”).
20.5. You can opt out of the Facebook pixel and the use of your data to display Facebook ads. To control which types of ads are displayed to you within Facebook, you can visit the page set up by Facebook and follow the instructions for settings for usage-based advertising: https://www.facebook.com/settings?tab=ads. The settings are platform-independent, meaning they are applied to all devices.
20.6. You can also object to the use of cookies for range measurement and advertising purposes via the Network Advertising Initiative deactivation page (http://optout.networkadvertising.org/) and additionally via the US website (http://www.aboutads.info/choices) or the European website (http://www.youronlinechoices.com/uk/your-ad-choices) contradict.
21.1. Based on our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offering within the meaning of Art. 6 (1) (f) GDPR), we use social plugins (“plugins”) from the social network facebook.com, operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The plugins can display interaction elements or content (e.g. videos, graphics or text contributions) and are recognizable by one of the Facebook logos (e.g. the white “f” on a blue tile, “Like”, “I like it” or a “thumbs up” symbol) or with the addition “Facebook Social Plugin”. The list and appearance of the Facebook Social Plugins can be found at https://developers.facebook.com/docs/plugins/ can be viewed.
21.2. Facebook is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (Privacy Shield).
21.3. When a user accesses a function of this website that contains such a plugin, their device establishes a direct connection to the Facebook servers. The content of the plugin is transmitted directly from Facebook to the user's device and integrated into the website. User profiles can be created from the processed data. We have no influence on the scope of the data that Facebook collects using this plugin.
21.4. By integrating the plug-in, Facebook receives the information that a user has accessed the corresponding page of the online offering. If the user is logged in to Facebook, Facebook can associate the visit with their Facebook account. When users interact with the plug-in, e.g., by clicking the Like button or leaving a comment, the corresponding information is transmitted directly from their device to Facebook and stored there. If a user is not a Facebook member, Facebook can still store their IP address – in Germany, according to Facebook, this IP address is anonymized.
21.5. For information on the purpose and scope of data collection as well as the further processing and use of data by Facebook, please refer to Facebook’s privacy policy: https://www.facebook.com/about/privacy/.
21.6. If a user is a Facebook member and does not want Facebook to collect data about him or her via this online service and link it to the member data stored on Facebook, he or she must log out of Facebook and delete his or her cookies before using our online service.
22.1. Based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online offering within the meaning of Art. 6 (1) (f) GDPR), we use the Jetpack plugin (subfunction "Wordpress Stats"), which integrates a tool for statistical analysis of visitor access and is provided by Automattic, Inc., 132 Hawthorne Street, San Francisco, CA 94107, USA. Jetpack uses so-called "cookies," which are stored on your computer and enable analysis of website usage.
22.2. Automattic is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (Privacy Shield).
22.3. The information generated by the cookie about your use of this website is stored on a server in the USA. User profiles can be created from the processed data, which are used exclusively for analytical purposes and not for advertising purposes. Further information can be found in Automattic's privacy policy: https://automattic.com and in the Jetpack Cookies Policy at https://jetpack.com.
23.1. The following information informs you about the content of our newsletter, the registration, dispatch, and statistical evaluation procedures, as well as your right to object. By subscribing to our newsletter, you agree to receive it and to the described procedures.
23.2. Newsletter content: We only send newsletters, emails, and other electronic notifications containing promotional information (hereinafter "newsletters") with the recipient's consent or legal permission. If the newsletter content is specifically described when registering for the newsletter, this information is decisive for the user's consent. Furthermore, our newsletters contain information about our products, offers, promotions, and our company.
23.3. Double opt-in and logging: Registration for our newsletter is done using a so-called double opt-in process. This means that after registration, you will receive an email asking you to confirm your registration. This confirmation is necessary to ensure that no one can register using someone else's email address. Newsletter registrations are logged to provide evidence of the registration process in accordance with legal requirements. This includes saving the time of registration and confirmation, as well as the IP address. Changes to your data stored by the shipping service provider are also logged.
23.4. Shipping service provider: The newsletter is sent via "MailChimp," a newsletter distribution platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. You can view the shipping service provider's privacy policy here: https://mailchimp.com/legal/privacy/The Rocket Science Group LLC d/b/a MailChimp is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with the European data protection level (Privacy Shield).
23.5. Furthermore, according to its own information, the shipping service provider may use this data in pseudonymous form, i.e., without assignment to a specific user, to optimize or improve its own services, e.g., for the technical optimization of the delivery and presentation of the newsletter or for statistical purposes to determine which countries the recipients come from. However, the shipping service provider does not use the data of our newsletter recipients to contact them directly or to pass it on to third parties.
23.6. Registration data: To subscribe to the newsletter, simply provide your email address. Optionally, we ask you to provide a name so we can address you personally in the newsletter.
23.7. Performance measurement: The newsletters contain a so-called "web beacon," a pixel-sized file that is retrieved from the server of the mailing service provider when the newsletter is opened. This collects technical information (e.g., browser data, system information, IP address, time of retrieval) that is used to technically improve the delivery and presentation of the newsletter or for statistical evaluations. This information can be technically assigned to individual recipients, but is used exclusively for evaluation purposes.
23.8. Germany: The newsletter is sent and success is measured on the basis of the recipient's consent in accordance with Art. 6 (1) (a), Art. 7 GDPR in conjunction with Section 7 (2) No. 3 UWG or on the basis of legal permission in accordance with Section 7 (3) UWG.
23.9. The registration process is logged on the basis of our legitimate interests in accordance with Art. 6 (1) (f) GDPR and serves as proof of consent to receive the newsletter.
23.10. Cancellation/Revocation – Newsletter recipients can cancel their subscription to our newsletter at any time, i.e., revoke their consent. You will find a cancellation link at the end of each newsletter. This will also revoke your consent to performance measurement. A separate revocation of performance measurement is not possible; in this case, the entire newsletter subscription must be canceled. Upon unsubscribing from the newsletter, your personal data will be deleted unless its retention is legally required or justified.
24.1. Based on our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offering within the meaning of Art. 6 (1) (f) GDPR), we use content or service offerings from third parties in order to integrate their content and services, such as videos or fonts (hereinafter collectively referred to as “content”). This always requires that the third-party providers of this content perceive the IP address of the users, since without the IP address they would not be able to send the content to their browser. The IP address is therefore necessary for the display of this content. We endeavor to only use content whose respective providers only use the IP address to deliver the content. Third parties may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. The “pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information can be stored in cookies on the user’s device and linked to other data from other sources.
24.2. The following presentation provides an overview of third-party providers and their content, along with links to their privacy policies, which contain further information on data processing and, in some cases, previously mentioned options for objection (so-called opt-out):
We process the personal data of applicants for the purpose of processing the application process for a position within our company or with one of our clients as part of an RPO (recruitment outsourcing process). Processing may also take place electronically. This is particularly the case if an applicant submits relevant application documents to us electronically, for example by email or via a web form on the website. If we conclude an employment contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with statutory provisions. If our client concludes an employment contract with an applicant, the data will be deleted within the legally applicable period. If no employment contract is concluded with the applicant, the application documents will also be deleted within the legally applicable period.
Answer a few questions and find out which SAP career path suits you.
As an SAP consultant, developer, architect, project manager or solution expert?
Whether automotive, chemicals, retail, logistics or IT – your industry and process knowledge could be very valuable.
We offer the following career opportunities
