Privacy Policy of Unia – The Union

Unia (hereinafter also referred to as «we», «us») collects and processes personal data concerning you or other individuals («third parties»). A contractual relationship with Unia is not necessarily required; the data may also concern individuals who are interested in becoming members of Unia, for example, through events, membership recruitment, etc. In this context, we use the term «data» interchangeably with «personal data» as defined by the relevant data protection law. The term «Unia» also encompasses majority-controlled subsidiary companies (e.g., Unia Viva AG, Zivag Verwaltungen AG), as well as associated entities, institutions (e.g., foundations and associations), and legal collectives (e.g., partnerships). Terms such as «personal data,» «processing,» or «particularly sensitive personal data» carry the meanings defined in the law (refer to the description in Art. 5 FADP). We explicitly inform you that details regarding union membership are categorized as especially sensitive under the law, leading to these personal data being subject to special protection.

In this Privacy Policy («DSE»), we outline how we handle your data when you visit www.unia.ch use our apps (hereinafter collectively referred to as the («website»), access our services, engage with us through various ways, communicate with us, or interact with us in any other manner.  If necessary, we will notify you in a timely manner about additional processing activities not mentioned in this Privacy Policy.

If you provide us with data about other individuals or disclose such information, we assume that you are authorized to do so and that this data is accurate. By transmitting data about third parties, you confirm this. Please also ensure that these third parties have been informed about this Privacy Policy.

This Privacy Policy is based on the requirements of the Swiss Data Protection Act («DSG») and the associated Ordinance («DSV»). 

The data processing described in this Privacy Policy is carried out by Unia (see contact details below), unless otherwise addressed in individual cases.

You can contact us for your data protection concerns and the exercise of your rights according to paragraph 11 as follows:

Unia – The Union
Weltpoststrasse 20
3000 Bern 16

 datenschutz@unia.ch

We process various categories of data about you. The main categories are as follows:

  • Technical data: When you use our website or other electronic services (e.g., free Wi-Fi), we collect the IP or MAC address of your device and additional technical data to ensure the functionality and security of these offerings. These data also encompass logs that record the usage of our systems. We usually retain technical data for 12 months. To ensure the functionality of these services, we may assign you or your device an individual code (e.g., in the form of a cookie, refer to section 12). By themselves, technical data generally do not enable conclusions about your identity. However, within the scope of user accounts, registrations, access controls, or contract processing, they can be linked with other categories of data (and thus potentially with your person).
  • Registration data: Certain offerings, such as competitions, surveys, and services (e.g., login areas, newsletter delivery, free Wi-Fi access, etc.), can only be accessed using a user account or registration, which can be completed directly with us or through our external login service providers. In doing so, you are required to provide us with specific data, and we gather data regarding the utilization of the offering or service. In the case of access controls to specific facilities or systems, registration data may be generated, as well as biometric data (for example, when logging into systems voluntarily without a password using fingerprint or facial recognition, but this is initially limited to Unia employees). We generally store registration data for a duration of 12 months following the conclusion of service usage or the closure of the user account, and we may extend this period as necessary on a case-by-case basis. As part of access controls, there might be instances where we need to register you using your data (access codes in badges, biometric data for identification) as required (see the «»other data» category).
  • Communication data: When you communicate with us through the contact form, email, phone, chat, bots, messenger services, as well as social media, letter, or other communication methods, we collect the data exchanged between you and us, including your contact information and the communication's metadata. When we record or listen to telephone conversations or video conferences, for example, for training and quality assurance purposes, we explicitly inform you about this. Such recordings may only be created and utilized in line with our internal guidelines. You will be informed about whether and when such recordings take place, for example, through a notification during the relevant video conference. If you do not wish for a recording, please inform us or end your participation. If we need or wish to confirm your identity, such as in response to an information request from you, we collect data to identify you (e.g., a copy of an identification document). We typically keep this data for a duration of 12 months from our most recent interaction with you. This period may be extended if necessary for evidentiary reasons or to adhere to legal or contractual obligations, or due to technical requirements. Emails in personal mailboxes and written correspondence are typically preserved for at least 10 years.
  • Basic data: We use the term «basic data» to denote the essential information that we, in conjunction with the contract details (as outlined below), need for the execution of our con-tractual and other business-related interactions (including member data), or for marketing and promotional objectives. This encompasses details such as your name, contact information, as well as particulars pertaining to your role and responsibilities, your bank account(s), your date of birth, membership or customer history, powers of attorney, authorization to sign, and consent declarations. We process your basic data if you are a member or involved in other business-related contacts, or if you act on behalf of such contacts (e.g., as a representative of a business contact), or because we intend to address you for our own purposes or the purposes of a contracting partner (e.g., within the scope of marketing and advertising, campaigns, demonstrations, meetings, initiatives, information, event invitations, etc.). We collect basic data directly from you (for example, through registration or when expressing interest in becoming a member of Unia), from organizations you are associated with, or from third parties such as our contracting partners, associations, as well as from publicly accessible sources such as public registers, databases (such as Swiss Post), or the internet (websites, social media, etc.). As part of basic data, we may also process health-related information and details about third parties. We typically retain this data for a period of 10 years from our last interaction with you, or at a minimum from the end of the contract. Member data is usually kept for a period of 10 years from the date of withdrawal. This period can be extended, as required for evidential purposes or to adhere to legal or contractual obligations, or due to technical reasons. In the context of solely marketing and advertising contacts, the duration is typically much shorter, rarely exceeding two years after the most recent interaction.
  • Contract data: These are data that arise in connection with the conclusion or execution of a contract, such as information about contracts and the services to be provided or that have been provided, as well as data from the pre-contractual phase that are necessary or used for processing, and information about responses (such as complaints or indications of satisfaction, etc.).  Health data, social assistance measures, administrative or criminal proceedings, and sanctions can also be included, for instance, in the context of representing you in legal disputes against your employer (also refer to «other data» below). Typically, we gather this data from you, contracting partners, and third parties engaged in contract processing. Additionally, we obtain such data from third-party sources (such as creditworthiness data providers) and from publicly accessible sources. We usually keep this data for a duration of 10 years from the last contractual activity, or at the very least, from the contract's conclusion. Legal protection data of our members are typically stored for 10 years from the case's resolution. This period can be extended, as required for evidential purposes or to adhere to legal or contractual obligations, or due to technical reasons.
  • Behavioural and preference data: Depending on the nature of our relationship with you, we aim to understand you better and customize our services and offerings to suit your requirements. For this, we gather and utilize data concerning your behaviour and preferences. We achieve this by analysing data related to your behaviour within our domain, and we might also enhance this data with information from third parties, including sources that are publicly accessible. Using this information, we can calculate probabilities, such as your likelihood to utilize specific services or demonstrate particular behaviours. The data processed for this purpose is partially already known to us (for example, when you use our services), or we obtain this data by recording your behaviour (such as how you navigate on our website) or, for instance, by collecting your movement data for a limited period through the use of an app on your mobile phone. We anonymize or delete this data when it is no longer relevant for the intended purposes, usually within 24 months (for service preferences). This duration could be extended if required for evidential reasons, legal or contractual obligations, or due to technical constraints. We describe how tracking on our website works in sections 12 and 13.
  • Other data: We also collect data from you in other situations. In connection with official or judicial proceedings, data may arise (such as files, evidence, etc.) that could also be relevant to you. For health protection reasons, we may also gather data (for example, as part of protective measures during epidemics and pandemics). We might receive or produce photos, videos, and audio recordings where you could be recognized (for instance, at events, through security cameras, etc.). In addition, we may collect data on individuals entering specific buildings and the corresponding timing, or individuals with access privileges (including access control based on registration data or visitor lists, etc.), participation in events or activities (such as contests and surveys), and the use of our infrastructure and systems, as well as the timing of these activities. Moreover, we might receive or collect data associated with interactions among contracting parties or involving the oversight and enforcement of collective labour agreements (CLAs). The duration for which we retain these data depends on the objective and is confined to what is essential. This spans from a few days and typically a few weeks for contact tracing data, to visitor data usually kept for 3 months, extending to reports about events with images that may be stored for several years or even longer.

Many of the 3 data mentioned in this section are provided by you directly (for instance, through forms, during communication with us, in relation to contracts, while using the website, etc.). You are not obliged to do so, except for individual cases, such as within the scope of mandatory protection concepts (legal obligations). Moreover, if you engage in contracts with us or intend to access our services, you are also obligated, as part of your contractual commitment as per the relevant agreement, to provide us with data, specifically basic, contract, and registration data. When utilizing our website, the processing of technical data is inevitable. If you wish to gain access to specific systems or buildings, you are required to provide us with registration data.

Where permitted, we also retrieve data from publicly accessible sources (such as debt registers, land registers, commercial registers, media, or the internet, including social media) or receive data from other companies within our group, authorities, and other third parties (such as credit agencies, associations, contracting partners, internet analytics services, etc.).

We would like to draw your attention to the fact that the aforementioned time periods for retention apply only to personal data under our control, meaning those we can process ourselves. This, for instance, does not apply to personal data stored on social media platforms (such as communication data on Facebook, Twitter, WhatsApp, etc.) or on tools such as Google Analytics. In such cases, Unia lacks the authority to influence the duration of data retention. Our capacity is limited to deleting analyses we have carried out (such as PDF files), whereas we are unable to remove data stored on external tools or platforms. Unia is not responsible for the way data is collected, stored, and processed; this responsibility solely rests with the respective third parties (operators of social media platforms, Google, etc.). Corresponding requests, in particular for insight, information, correction and deletion, should be sent directly to the respective operator (cf. also the sections 7, 12 and 13 below).

Furthermore, the Unia Unemployment Insurance Fund (ALK), a division of Unia, is bound by this Privacy Statement (DSE). However, different retention periods may be required by specific legal regulations (for example, AVIG).

Unia can also use your AHV number, which it receives from third parties (e.g. Prevhor, Foundation of the Swiss Watch and Microtechnology Industry for Pension Provision, or Unia Viva AG), or which has been provided by you (e.g. as part of membership recruitment).

We process your data for the purposes we explain below. Further instructions for the online area can be found in sections 12 and 13 below. These purposes, or the underlying objectives, represent legitimate interests of ours and, when applicable, of third parties. You can find further information about the legal basis for our processing in sections 5.

We process your data for purposes related to communicating with you, particularly for responding to inquiries and asserting your rights (section 11), and to get in touch with you for further questions. For this purpose, we mainly utilize communication data and basic data, and in conjunction with the services and offerings you make use of, registration data as well. We store this data to document our communication with you, for training purposes, quality assurance, and follow-up inquiries.

We process data with the intention of initiating, managing, and executing contractual relationships, membership relations, contract partnerships (such as within the context of Joint Commissions), and the oversight and enforcement of labour-related measures (especially collective labour agreements).

Additionally, we process data for marketing objectives and relationship management, including the dispatch of personalized advertisements to our members, interested parties, and contracting partners, featuring products and services from us and third parties (e.g., discounted travel and vacations via Reka). This can happen, for instance, through venues like newsletters and other regular communications (electronically, via post, over the phone), across other channels for which we possess your contact details, and also as part of specific marketing initiatives (such as events, information sessions, surveys, contests, etc.). It could also involve complimentary offerings (such as invitations). With your consent, we can target our online advertising on the internet more specifically towards you (see section 13). Finally, we also aim to enable our contracting partners to address our members and other contracting partners for advertising purposes and the execution of our services (refer to section 7).

As part of relationship management, we can also operate a Customer Relationship Management system («CRM») where we store essential data for managing relationships with members, suppliers, and other business partners. This data includes contact persons, relationship history (such as services provided or received, interactions, etc.), interests, preferences, marketing efforts (newsletters, event invitations, etc.), and additional information.

All of these processes are important for us not only to effectively promote our offerings but also to make our relationships with you more personal and positive. This allows us to focus on the most significant relationships and use our resources as efficiently as possible.

We continue to process your data for market research purposes and to enhance our services and operations.

We strive to continually improve our services (including our website) and to quickly respond to changing needs. Therefore, we analyse, for instance, how you navigate through our website, which products are used by different groups of people and in what manner, and how new services can be designed (for further details, see section 12). We process basic, behavioural, and preference data, as well as communication data and information from member surveys, surveys, studies, and other sources such as media, social media, the internet, and other public sources, primarily for this purpose. Whenever possible, we use pseudonymized or anonymized information for these purposes. We can also use media monitoring services or conduct media monitoring ourselves, processing personal data in order to engage in media activities or to understand and respond to current developments and trends.

We may also process your data for security purposes and access control.  

We continuously assess and enhance the appropriate security of our IT and other infrastructure (such as buildings). Like all companies, we cannot completely eliminate data security breaches, but we do our utmost to mitigate the risks. Therefore, we process data for purposes such as monitoring, controls, analyses, and testing of our networks and IT infrastructures, for system and error checks, for documentation purposes, and within the scope of security backups. Access controls include both electronic system access control (e.g., logging into user accounts) and physical access control (e.g., building entries). For security purposes (both preventive and for incident investigation), we maintain access logs and visitor lists.

We process personal data to comply with laws, directives, and recommendations from authorities, as well as internal regulations («compliance»).

In certain cases, we may be obliged to conduct specific inquiries about members («Know Your Customer») or to report to authorities. Fulfilling disclosure, information, or reporting obligations, for instance, in connection with supervisory and tax-related duties, requires or entails data processing. This includes fulfilling archiving obligations and preventing, detecting, and investigating criminal offenses and other violations. This includes receiving and processing complaints and other reports, monitoring communication, conducting internal investigations, or disclosing documents to an authority when we have sufficient grounds or are legally obligated to do so.  In external investigations, such as those conducted by law enforcement or regulatory authorities or by an appointed private entity, your personal data may also be processed. For all these purposes, we primarily process your basic data, contract data, and communication data, and under certain circumstances, behavioural data and data from the categories of Other Data as outlined in section 3. Legal obligations can include Swiss law as well as foreign regulations to which we are subject. This also includes self-regulations, industry standards, our own corporate governance, and official instructions and requests.

We also process data for the purposes of our risk management and as part of prudent corporate governance, including operational organization and business development.

Whenever we request your consent for specific processing (such as the processing of particularly sensitive personal data, marketing mailings, and behavioural analysis on the website), we will provide you with separate information regarding the respective purposes of the processing. You can revoke your consent at any time by sending a written notification (by mail) or, unless otherwise specified or agreed, by sending an email to us, effective for the future. The contact details are provided in paragraph 2. For revoking your consent regarding online tracking, refer to section  13 (and also sections 5 and 11). If you have a user account, you can initiate a withdrawal or get in touch with us through the relevant website or applicable service.  You can always utilize the 'opt-out' option to unsubscribe from newsletters. Upon receiving notification of the withdrawal of your consent, we will halt the processing of your data for the purposes to which you initially agreed, unless there exists an alternative legal basis for such processing.  The revocation of your consent does not impact the legality of processing that was conducted based on the consent prior to its withdrawal.

In cases where we do not seek your consent for processing, we rely on the necessity of processing your personal data for the initiation or fulfilment of a contract or other legal relationship (such as membership with Unia) involving you (or the entity you represent).

lternatively, we may rely on the fact that we or third parties have a legitimate interest in such processing. This specifically includes the pursuit of the purposes and related objectives outlined in paragraph  4 , along with the implementation of necessary actions to attain these objectives. One of our legitimate interests is also the compliance with legal regulations, to the extent that these are not already acknowledged as legal bases by the applicable data protection laws.   This further includes the marketing of our services, the aim of better understanding our members and their requirements, and the secure and efficient management and advancement of our organization, including its operations.

When we receive sensitive data (such as health information, details about political, religious, or philosophical beliefs, measures of social assistance, criminal and administrative proceedings or sanctions, or biometric data for identification), we may process your data based on other legal grounds as well. For example, in case of disputes, we might process the data out of necessity for potential legal proceedings or the enforcement or defence of legal claims. In specific cases, different legal bases might be applicable, and we will communicate this separately as needed.

We have the ability to evaluate specific personal attributes of yours for the purposes outlined in section  4 utilizing your data (refer to section 3) using automated methods («profiling»). This includes the assessment of preference data, as well as the identification of misuse and security risks, the execution of statistical analyses, and the facilitation of operational planning purposes. For the same purposes, we can also create profiles, meaning we can combine behavioural and preference data, as well as basic and contractual data and associated technical data, to better understand specific behaviours related to your interactions with us.

In relation to our contracts, membership management, website, services, legal obligations, or for the protection of our legitimate interests and the additional purposes mentioned in section  4 , we may share your personal data with third parties, particularly with the following categories of recipients:

  • Group companies: Upon request, we will provide you with a list of our group companies, corporations, institutions, and legal associations (these include entities such as Zivag Verwaltungen AG, Unia Viva AG, or Unionsdruckerei Bern AG). The group companies can utilize the data for themselves for the same or similar purposes as outlined in this privacy statement (refer to section 4). We can share your member data with our group companies, and the reverse is also possible.  Each individual group company can also release its own independent privacy statements.
  • Service providers: We collaborate with service providers both domestically and internationally, who process data about you on our behalf or in shared responsibility with us, or who receive data about you from us under their own responsibility (for example, IT providers, shipping companies, advertising service providers, login service providers, banks, insurance companies, debt collection agencies, credit reporting agencies, or address verification services). Your member data may also be part of this. For the service providers involved with the website, refer to section  12 and 13. Key service providers in the IT domain currently include Microsoft and Oracle as platform operators, and WAGNER AG as an outsourcing partner. Particularly with regards to IT companies that do not offer data storage in Switzerland or the EU/EEA (e.g., currently Microsoft), your data might not be sufficiently protected or have adequate protective measures in place, and you acknowledge this fact.To ensure efficient service delivery and concentrate on our core competencies, we enlist third-party services across various domains. We share with these service providers the data necessary for their respective services, which may also include data relevant to you. These service providers work exclusively for Unia and have specific purposes. Furthermore, we establish contracts with these service providers that include provisions related to confidentiality, data protection, and the location of data storage and processing. If these service providers involve third parties themselves, we will be informed and need to provide written approval for such arrangements. You can find specific data protection provisions from Microsoft at: https://privacy.microsoft.com/de-de/privacystatement. You can find specific data protection provisions from Microsoft for the use of Microsoft Teams, particularly here: https://docs.microsoft.com/de-de/microsoftteams/teams-privacy. For specific privacy regulations from Oracle, refer to: https://www.oracle.com/de/legal/privacy.  Regarding WAGNER IT, please refer to: https://www.wagner.ch/footer-elements/datenschutz. If you have any questions, please contact us.
  • Members and contract partners: This refers to the Unia members and our contract partners, as the data transmission originates from their respective legal relationships. If you are personally involved with such a contract partner, we may also share data about you with them in this context. This could include especially sensitive data. The recipients also include contract partners with whom we cooperate.
    If you are an employee representing a company with which we have a contract or another legal relationship (which could include a collective labour agreement [CLA]), managing this legal relationship might entail informing the appropriate personnel commissions and/or joint committees, for example, regarding your use of our services or disclosing data associated with this legal relationship (such as salary totals, declarations, etc.).
  • Authorities: We may share personal data with authorities, courts, and other governmental bodies, both domestically and internationally, when legally obliged or authorized, or when it is deemed necessary to protect our interests. The authorities process data about you, which they receive from us, under their own responsibility.
  • Other individuals: This refers to other cases where the engagement of third parties arises from the purposes outlined in section 4.

Other receiving parties include, for instance, alternate recipients for deliveries or external payees designated by you, as well as other third parties within the scope of representation relationships (such as when we provide your data to your lawyer or bank), or individuals involved in governmental or court proceedings. If we collaborate with media outlets and share materials with them (such as photos), you could also be affected in specific situations. The same principle applies to the publication of content (such as photos, interviews, quotes, etc.) on our website or in other publications by us. In the context of organizational development, we may engage in the sale or acquisition of businesses, operational units, assets, or companies, or establish partnerships. These actions could also entail the disclosure of data (including yours, for instance, as a member or supplier, or as a representative of a supplier) to individuals participating in these transactions.

All these categories of recipients can also engage third parties, which might result in your data being accessible to them as well. We can impose restrictions on the processing by certain third parties (e.g., IT providers), but not on others (e.g., authorities, banks, etc.).

We retain the right to proceed with such data disclosures, even if they include sensitive data (unless we have explicitly agreed with you not to share such data with particular third parties, except when legally mandated). However, your data continues to be protected by adequate data protection measures in both Switzerland and the EU following its disclosure. When sharing data with other countries, the regulations outlined in section 8.are applicable. If you do not want certain data to be disclosed, kindly notify us in writing so that we can evaluate whether and to what extent we can accommodate your request (refer to section 2).

We also allow certain third parties to collect personal data from you on our website and at our events (e.g., media photographers, providers of tools integrated into our website such as Google Analytics, etc.). To the extent that we are not significantly involved in these data collections, these third parties are solely responsible for the collection and processing. For inquiries and to assert your data protection rights, please directly contact these third parties, see sections 12 and 13. Furthermore, concerning the allocation of responsibilities, also refer to section 3, penultimate paragraph.

As explained in section 7, we also disclose data to other entities. This doesn't solely apply to Switzerland.  As a result, your data can be processed not only in the EU, EEA, UK, and, on rare occasions, the USA, but also in exceptional cases, in any country across the globe.

If recipients are situated in a country without adequate legal data protection, we contractually obligate the recipients to adhere to applicable data protection laws. For this purpose, we make use of the revised standard contractual clauses of the European Commission, which can be accessed here: https://eur-lex.europa.eu/eli. This is applicable unless the recipients are already subject to a legally recognized framework for ensuring data protection and we are unable to rely on an exemption clause. An exception can apply, particularly in foreign legal proceedings, as well as in cases of predominant public interests, or when contract processing necessitates such disclosure, when you have provided consent, or when it pertains to data made generally accessible by you and to which you have not objected.  Additionally, we have the option to implement further measures, such as encrypting your data.

Please also take into account that data exchanged over the internet, social media platforms, Microsoft Teams, or messaging services like WhatsApp, Signal, or similar platforms, often traverse through third countries that may not all be considered secure from a Swiss data protection standpoint (e.g., the USA).  As a result, your data could be transferred internationally even when the sender and recipient are situated in the same country. Particularly in situations where data storage does not take place within Switzerland, your data might not receive sufficient protection, and you hereby confirm your understanding of this.  If you do not consent to this, we kindly request that you refrain from using the relevant service and, whenever possible, consider employing a more secure alternative service (e.g., Threema instead of WhatsApp).

We process your data for as long as necessary to fulfil our processing purposes, comply with legal retention periods, and satisfy our legitimate interests in processing for documentation and evidential purposes, or if storage is technically required. Further details about the specific storage and processing duration can be found for each data category in section 3, and for cookie categories in section 12. If no legal or contractual obligations oppose it, we will delete or anonymize your data after the storage or processing period expires, following our standard procedures.

We implement suitable security measures to uphold the confidentiality, integrity, and availability of your personal data, protecting them from unauthorized or unlawful processing and minimizing the risks of loss, accidental modification, unintended disclosure, or unauthorized access.

Technical and organizational security measures can include actions such as data encryption and pseudonymization, logging, access restrictions (e.g., through authorization concepts), the storage of backup copies, instructions to our employees, confidentiality agreements, and controls. We protect the data transmitted through our website during the transportation process by using appropriate encryption mechanisms. We also obligate our processors to implement adequate security measures. However, we can only secure areas that are within our control. Security risks cannot be completely eliminated; residual risks are inevitable.

Under specific circumstances, the relevant data protection law provides you with the right to object to the processing of your data, particularly for purposes of direct marketing, profiling connected to direct advertising, and other legitimate interests in processing.

In order to enhance your control over the processing of your personal data, you possess the following rights in relation to our data processing, depending on the applicable data protection law:

  • The right to request information from us regarding whether and which data we process about you;
  • the right to have data corrected if they are inaccurate;
  • the right to request the deletion of data;
  • the right to request from us the disclosure of particular personal data in a standard electronic format or their transfer to another data controller;
  • the right to revoke consent, where our processing is based on your consent;
  • the right to express your viewpoint and request that a decision made through automated means (Section 6) be reviewed by an actual person.

If you intend to exercise the aforementioned rights with us, kindly get in touch with us in person at our location, through written communication, or via email. You can find our contact information in section 2. In order to prevent misuse, we must verify your identity (e.g., with a copy of an identification document if no other options are available).

Please be aware that conditions, exceptions, or limitations may apply to these rights according to applicable data protection law (e.g., to protect third parties or business secrets). We will inform you as needed.

If you do not agree with our handling of your rights or data privacy, please let us know. Particularly if you are situated in the EEA, the United Kingdom, or Switzerland, you retain the right to file a complaint with your country's data protection supervisory authority. You can contact the Swiss supervisory authority here: https://www.edoeb.admin.ch/edoeb/de/home/der-edoeb/kontakt/adresse.

On our website, we utilize cookies and similar technologies that enable us and third parties we collaborate with to identify you and/or your device(s) within or outside various services and devices, and across different services or devices. In this section, we provide you with information about it.

«Cookies» are small text files containing a character string used for the distinctive identification of a browser on an internet-connected device. Every browser that visits our website receives cookies from us. Additionally, we place cookies in your browser when you visit websites of other providers hosting our plug-ins or tags.

Essentially, the goal is to differentiate between your accesses (via your browser) and those of other individuals, enabling us to ensure the website's functionality and perform analyses and personalizations.

We utilize these technologies on our website and grant specific third parties the same capability. You have the ability to set up your browser to block specific cookies or alternative technologies, manipulate them, or delete existing cookies. Furthermore, you can enhance your browser with software designed to prevent tracking by specific third parties. For additional details, consult your browser's help pages (typically located under the «Privacy» section) or the websites of the listed third parties below.

The following cookies (technologies with similar functionalities like fingerprinting are also included) are categorized:

  • Essential Cookies: Certain cookies are essential for the proper functioning of the website or for specific functionalities. For example, they ensure that you can move between pages without losing information entered in a form. They also guarantee that you stay logged in. These cookies are temporary and referred to as «session cookies». Blocking them could lead to improper functioning of the website. Additionally, other cookies are necessary for the server to retain decisions or inputs you've made beyond a single session (i.e., a website visit) if you make use of such features (e.g., selected language, provided consent, automatic login function, etc.). These cookies have an expiration date of up to 24 months.
  • Analytics and Performance Cookies: To enhance and customize our website according to user needs, we utilize cookies to record and analyse website usage, potentially extending beyond the session. We accomplish this through the implementation of third-party analytics services. We have listed these below in section 13. Performance cookies also have an expiration period of up to 24 months. You can find details on the websites of the third-party providers.
  • Marketing cookies: We and our advertising contract partners have an interest in controlling advertising precisely for target groups. We have listed our advertising contract partners below   in section 13. For this purpose, we and our advertising contract partners - if you consent - also use cookies that can capture accessed content or completed contracts. This enables us and our advertising contract partners to display advertisements on our website or other websites that we believe might interest you. These cookies have a lifespan of a few hours to up to 24 months, depending on the browser.

In addition to cookies, we use further technologies to statistically record and optimize the use of our website.

  • Google Analytics: Google Ireland Ltd. (based in Ireland) is the provider of the service «Google Analytics» and acts as our data processor. For this purpose, Google Ireland relies on Google LLC (based in the USA) as its data processor (both referred to as «Google»). Google tracks the behaviour of users on our website through performance cookies (duration, frequency of accessed pages, geographic origin of access, etc.) and creates reports for us based on this data. We have configured the service to shorten the IP addresses of users by Google in Europe before they are sent to the USA, which makes them untraceable. We have turned off the «Data Sharing» settings. Although we can assume that the information we share with Google is not personal data for Google, it is possible that Google could draw conclusions about the identity of the users from this data for its own purposes, create personal profiles, and link this data to the Google accounts of these individuals. If you agree to the use of Google Analytics, you explicitly consent to such processing, which also includes the transfer of personal data (especially usage data for the website and app, device information, and individual IDs) to the USA and other countries. Information about the privacy of Google Analytics can be found here support.google.com/analytics/answer/6004245, and if you have a Google account, you can find additional information about processing by Google here: https://policies.google.com/technologies/partner-sites?hl=de.
    The website also uses the technical extension «Google Signals,» which enables cross-device tracking. This allows the identification of individual website users across different devices. However, this only occurs when users are logged into a Google service during website visits and have also activated the «personalized advertising» option in their Google account settings. Even in this case, no personally identifiable data or user profiles are accessible to us; they remain anonymous to us. If you do not wish to use «Google Signals,» you can deactivate the «personalized advertising» option in your Google account settings.
  • Google Ads: We utilize Google Ads Conversion to raise awareness of our website through advertising materials (known as Google Ads) on external websites. These advertising materials are delivered by Google through so-called «Ad Servers.» For this purpose, we use Ad Server cookies, which enable the measurement of certain parameters for tracking success, such as the display of ads or clicks by users. If you reach our website through a Google ad, a cookie will be stored on your device by Google Ads. These cookies allow Google to recognize your browser. If you visit specific pages of our website and the cookie stored on your computer has not expired, Google and we can identify that you clicked on the ad and were redirected to that page. Each Ads customer is assigned a different cookie. As a result, cookies cannot be tracked across the websites of Ads customers. We do not collect or process any personal data in the mentioned advertising measures. Google only provides us with statistical evaluations. Based on these evaluations, we can identify which of the employed advertising measures are particularly effective. We do not receive further data from the use of advertising materials, and in particular, we cannot identify users based on this information. We have no control over the extent and further use of the data collected by the use of this tool by Google, and therefore inform you to the best of our knowledge: By incorporating Ads Conversion, Google receives information that you have accessed the relevant section of our website or clicked on an ad from us. If you are registered with a Google service, Google can associate the visit with your user account. Even if you are not registered with Google or have not logged in, there is a possibility that Google may obtain and store your IP address.
  • Google Ads Remarketing: We use the remarketing feature within the Google Ads service. Using the remarketing feature, we can display interest-based advertisements to users of our website on other websites within the Google advertising network (on Google Search or YouTube, known as «Google Ads,» or on other websites). For this purpose, user interactions on our website are analysed, such as which offers a user has shown interest in, in order to display targeted advertising to the user on other sites even after they have visited our website. For this purpose, Google stores cookies on the devices of the user who visits certain Google services or websites within the Google Display Network. These cookies record the visits of these users. The cookies serve for the unique identification of a browser on a specific device and not for identifying a person.
  • Google Tag Manager: This website uses Google Tag Manager. Google Tag Manager is a solution that allows advertisers to manage website tags through an interface. The tool itself (that implements the tags) is a cookie-free domain and does not collect personal data. The tool triggers other tags, which in turn might collect data under certain circumstances. Google Tag Manager does not access this data. If deactivation has been performed at the domain or cookie level, it will persist for all tracking tags implemented with Google Tag Manager.
    Facebook Custom Audiences: We use the «Facebook Pixel» and the «Conversion API» for remarketing purposes to reach out to you within 180 days. As a result, users of the website may be presented with interest-based advertisements (Facebook Ads) during their visit to the social network Facebook or other websites that also employ this method.
    Facebook Conversion: Furthermore, we aim to ensure that our Facebook Ads correspond to the potential interests of users and do not appear intrusive, using the Facebook Pixel and Conversion API. With the help of the Facebook Pixel, we can track the effectiveness of Facebook Ads for statistical and market research purposes by observing whether users were redirected to our website after clicking on a Facebook Ad (so-called conversion).
  • Facebook Custom/Lookalike Audiences: For example, we may transmit the email addresses of our users and other individuals we want to show advertisements to, to operators of advertising platforms (e.g., social media). If these individuals are registered with the same email address on these platforms (which the advertising platforms determine through matching), the operators display the advertising we have placed specifically to these individuals. The operators do not receive personally identifiable email addresses of individuals who are not already known. However, for known email addresses, they are informed that these individuals are connected with us and which content they have accessed.
  • Due to the implemented marketing tools (Facebook Pixel and Conversion API), your browser automatically establishes a direct connection with Facebook's server once you have agreed to the use of cookies that require consent. By incorporating the Facebook Pixel and using the Conversion API, Facebook receives information that you have visited the respective page of our website or clicked on an ad from us. If you are registered with a Facebook service, Facebook can associate the visit with your account.
  • LinkedIn Insight: We use the analysis and tracking tool «LinkedIn Insight Tag» provided by LinkedIn Ireland Unlimited Company on our website. This tool creates a cookie in your browser, which enables the collection of, among other things, the following data: IP address, device and browser properties, and page events (e.g., page views). This data is encrypted, anonymized within seven days, and the anonymized data is deleted within 90 days. LinkedIn does not share personal data with us but provides anonymized reports about website audience and ad performance.
  • Mouseflow: We use Mouseflow, an analysis and tracking software, on our website. The service provider is the Danish company Mouseflow ApS, Flaesketorvet 68, 1711 Copenhagen, Denmark. Learn more about the data processed through the use of Mouseflow in the Privacy Policy at https://mouseflow.com/de/privacy-policy.
  • Eloqua: We use the analysis service Eloqua by Oracle Corporation, 100 Oracle Pkwy, Redwood City, CA 94065, USA («Eloqua»), on our website for registration/sign-up for our newsletters and for newsletter distribution. Eloqua allows us to analyse the usage of our website. Newsletters sent using Eloqua utilize tracking technologies. This allows us to track your newsletter reading behaviour and, for example, determine if the newsletters are opened and which links you click. Eloqua uses cookies to provide the service. These cookies collect information about your user behaviour on our website. The information collected by the cookie on our website is only visible to us and is not shared with Oracle or other users of the Eloqua system.

We may also integrate additional third-party offerings on our website, especially from social media platforms. These offers are deactivated by default.  Once you activate them (e.g., by clicking a toggle), the respective platforms can detect that you are on our website. If you have an account on the corresponding social media platform, it can associate this information with you and track your use of online offers. The social media platforms process this data under their own responsibility.

We can operate pages and other online presences on social networks and other platforms operated by third parties («fan pages,» «channels,» «profiles,» etc.) and collect the data about you described in section 3 and below. We receive this data from you and the platforms when you interact with us through our online presence (e.g., when you communicate with us, comment on our content, or visit our presence).  At the same time, the platforms analyse your use of our online presence and link this data with additional information they have about you (e.g., regarding your behaviour and preferences).

We process this data for the purposes described in section 4, in particular for communication, marketing purposes (including advertising on these platforms, refer to section 13), and market research. You can find information on the corresponding legal bases in section 5 above. We can redistribute content published by you (e.g., comments on an announcement) ourselves (e.g., in our advertising on the platform or elsewhere).  We or the platform operators can also delete or restrict content from or about you according to the usage guidelines (e.g., inappropriate comments).

For further information regarding the processing by the platform operators, please refer to the privacy notices of the platforms.  There, you will also learn about the countries in which they process their data, the rights you have as a data subject such as access, deletion, and other rights, and how you can exercise these rights or obtain additional information. Currently, we are using the following platforms:

Facebook: We operate Facebook company pages.  The responsible entity for the operation of the Facebook platform for users in Europe is Meta Platforms Ireland Limited. Their privacy notices can be accessed at http://www.facebook.com/policy . Some of your data will be transferred to the USA.  You can object to advertising here: http://www.facebook.com/settings?tab=ads. Regarding the data collected and processed for the creation of «Page Insights» when visiting our page, we share joint responsibility with Meta Platforms Ireland Ltd. Dublin, Ireland.  Within the scope of Page Insights, statistics are generated about what users do on our page (comment on posts, share content, etc.). This is described at www.facebook.com/legal/terms/information_about_page_insights_data. It helps us understand how our page is used and how we can improve it.  We only receive anonymous, aggregated data in this process. We have defined our responsibilities for data protection according to the information provided at http://www.facebook.com/legal/terms/page_controller_addendum.

Instagram: We use Instagram business pages.  The responsible entity for the operation of the Instagram platform is Meta Platforms Ireland Limited. Their privacy notices can be accessed at https://www.facebook.com/help/instagram/155833707900388. Some of your data will be transferred to the USA.  You can object to advertising here: www.facebook.com/settings?tab=ads. Regarding the data collected and processed for the creation of «Page Insights» when visiting our page, we share joint responsibility with Meta Platforms Ireland Ltd. Dublin, Ireland.  Within the scope of Page Insights, statistics are generated about what users do on our page (comment on posts, share content, etc.). This is described at www.facebook.com/legal/terms/information_about_page_insights_data. It helps us understand how our page is used and how we can improve it.  We only receive anonymous, aggregated data in this process. Our responsibilities regarding data protection are regulated according to the information provided at www.facebook.com/legal/terms/page_controller_addendum.

LinkedIn: We use a LinkedIn company page.  The responsible entity for the operation of the LinkedIn platform is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland («LinkedIn»). When visiting our company page, LinkedIn captures, among other things, your IP address and additional information present on your device in the form of cookies.  These details are utilized to provide us, as the operator of the LinkedIn page, with statistical insights regarding the utilization of the LinkedIn page. The extent to which LinkedIn utilizes data from visits to LinkedIn pages for its own purposes, how individual user activities on the LinkedIn page are linked, the duration of data storage by LinkedIn, and whether data from visits to the LinkedIn page is shared with third parties are not conclusively and clearly specified by LinkedIn and are not known to us. Additionally, as the provider of a LinkedIn company page, we do not gather or process any data from your usage of our service.

X (formerly Twitter): We operate at X (formerly Twitter) company profiles. The responsible entity for the operation of the X platform (for the EU, the EFTA States and the UK) is Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland. Information about the data processed by X and the purposes for which it is used can be found in X privacy policy: https://twitter.com/de/privacy.

YouTube: This website includes functions of the YouTube service.  YouTube is owned by Google Ireland Limited. Your legal agreement with YouTube consists of the terms and conditions that can be found at the following link: https://www.youtube.com/static?gl=de&template=terms&hl=de. These provisions form a legally binding agreement between you and YouTube regarding the use of the services.  In Google's privacy policy, it is explained how YouTube handles your personal data and protects your information when you use the service.

File Share: Data exchange is then possible via so-called file-sharing platforms.  File-sharing is the direct sharing of files between internet users using a file-sharing network. In this process, the files are usually located on the computers of individual participants or dedicated servers, from where they are distributed to interested users (e.g., WhatsApp, WeTransfer, etc.).

This privacy policy is not part of a contract with you. We can adjust this privacy policy at any time.  The version published on this website is the current edition.

Last updated: August, 2023