Privacy Policy

Information on the processing of personal data from our clients

Company contact details:
Movilitas Consulting GmbH
represented by managing directors Stefan Hockenberger, Olga Whitlatch, Ross Young
Hermsheimer Strasse 5, 68163 Mannheim
Telephone number: +49 (0) 6211/502040
E-mail: info@movilitas.com

Contact details for the data protection officer:
DESAG Sachverständiger für Datenschutz & Datensicherheit
Thomas Ott
Kolbcom GmbH
Augustaanlage 22
68165 Mannheim
Telephone number: + 49 (0) 1515 2886186
E-mail: info@datenschutz-ott.de

Welcome to our website. The privacy of your data is very important to us. Therefore, we will explain below how we process your personal data.

Categories of data; data sources
Basically, we process the personal data that you provide to us in the context of a request, a pre-contractual relationship or a contractual relationship. In individual cases and insofar as this is necessary within the framework of the fulfilment of the contract, we also process personal data that has been taken from publicly available sources (e.g., trade register, debt directories, Internet) in a permissible manner or is permitted by third parties (e.g., credit reference agencies). were transmitted. This may be personal data (name, birthday, legally authorized representative), address data (address, e-mail address, contact person), financial data (name of the account holder, IBAN, BIC), contract data (contract duration, services purchased, cancellations), Communication data (correspondence, e-mail traffic), advertising data (advertising letters) and other comparable categories of personal data.

General processing of visitor data
The use of our website is possible without providing any personal data. If personal data are collected on our websites, this is always done on a voluntary basis by entering the respective data or by registration with individual access data created before. However, please note that in this case as well access data is collected and stored in the server log files. This concerns the following data:

  • Browser type / your browser version,
  • the operating system,
  • The Website from which you come to us
  • Date and time of your visit / request and the time zone difference to Greenwich Mean Time (GMT),
  • your IP address.

In principle, we evaluate this information in anonymous form to ward off attacks and to improve our offer (processing of personal data as part of a balance of interests in accordance with Art. Art. 6 para. 1 p. 1 f) GDPR) and then delete them. The data is usually not traceable to you personally and will not be merged with other data. However, in the case of concrete indications of unlawful use, we reserve the right to evaluate the data retrospectively.

Use of cookies
As part of your visit to our website cookies can be used on various pages. These are text files that are placed on your computer and, among other things, allow a smooth process of visiting our website. We set cookies on the basis of Art. 6 para. 1 p. 1 a) GDPR, whereby we request your consent for the use and following purposes of the cookies. Your consent can be withdrawn at any time with effect for the future on all specified contact details:

  • Enabling the use of special functions;
  • (Pseudonymised) usage analysis to optimize our website;
  • Increase the attractiveness as well as the comfort of use of our website;
  • Improvement and needs-based design of our offer.

The use of cookies takes place in the context of so-called usage profiles. You will be assigned a pseudonym under which the usage data will be stored. Your IP address will only be saved in abbreviated form, so that a personal assignment of the usage profile is no longer possible.
Most of the cookies we use are deleted from your computer when the browser is closed (session cookies). Other types of cookies may remain on your computer and allow us to recognize your computer by means of the usage profile you created on your next visit to our site (permanent cookies). Cookies are used on our site only by ourselves and not by third parties, with the exception of the third-party cookies that are expressly mentioned in this privacy policy. You can set your browser so that you are informed about the use of cookies and decide individually on whether to accept them or to deactivate the acceptance of cookies in certain cases or completely. Bear in in mind, however, that the rejection of cookies may entail certain functional limitation on our website.

Contact
If you contact us by e-mail or via an offered form, we will process the personal data you have provided to answer your request. We delete the data after the final processing of your request, if there is no contractual or statutory retention obligation.

Contact form
If you send us a request via our contact form, we process the data provided by you on the basis of your consent in accordance with Art. 6 para. 1 p. 1 a) GDPR to handle your request. Basically, your data will be deleted after processing the request, provided that there is no contractual or statutory retention obligation. If you provide us with contractually relevant information, we will transfer it to our existing system. Your consent can be revoked at any time with effect for the future on all specified contact details.

Processing of personal data in the context of a balance of interests (Art. 6 para. 1 clause 1 f) GDPR.
We process personal data according to balance of interests, as far as this is necessary for the protection of our legitimate interests or the interests of third parties.

Examples of such purposes are:

  • Ensuring the IT security and integrity of our systems;
  • Prevention and investigation of criminal offences
  • Assertion or defense of legal claims.

Processing of personal data for the execution of contracts (Art. 6 para. 1 p.1 (b) GDPR.
If a contract is concluded with us, we use personal data as far as this is necessary for the execution of the contract or for the execution of pre-contractual measures. The purposes of the data processing are based on the concrete contract contents, which you can refer to the contract documents.

Processing of personal data after consent (Art. 6 para. 1 p. 1 a GDPR.
In individual cases, we will obtain consent from you for specific purposes expressly identified in connection with data collection (e.g., request via a contact form, opening a customer account, ordering a newsletter). A data processing takes place only if you give us the consent. It is possible that the processing of your request without your consent is not possible and therefore must be made dependent on it. The processing of the data takes place exclusively for the purpose (s) expressly stated. You can revoke your consent with effect for the future at any time. The revocation has no influence on the legality of the processing until the time of revocation.

Consents explicitly obtained
Within the context of our internet presence you provided us with the following consent within the framework of the general contact form:
“I agree to the storage of my data for the electronic processing of my inquiry and accept the terms of the Data Privacy Statement. I may withdraw this consent at any time with effect for the future”.

Cross-border data transmission (point (a) of Article 49 para. 1 GDPR)
Where personal data are transmitted to a third country, we comply with the relevant data protection guidelines for this by transmitting your data generally on the basis of standard contractual clauses and by obtaining your consent to this in accordance with point (a) of Article 49 para. 1 GDPR. Where you avail yourself of our services on external websites, your consent will be obtained via the provider concerned.
Data are transmitted in particular in connection with the use of Google services. As far as you use further offers from us (e.g., Facebook, LinkedIn) which involve cross-border data processing, please also refer to the explanations below.

The use of these services results in the transmission of data to the United States of America.

The data will only be transmitted if you have given us your consent.

The specific details of the recipient, the personal data transmitted and the purpose of the forwarding of the data can be found in the remarks on the respective processing below.

The forwarding of your data poses a risk to your personal data. The United States of America do not provide for a level of data protection comparable to that under EU law (GDPR) and / or national guidelines (e.g., BDSG) or adequate guarantees to ensure a sufficient level of data protection.

Moreover, due to the US legal situation, possible deficits cannot be compensated by other specific guarantees. Nevertheless, depending on the service concerned, standard contract clauses are used in some cases to achieve the maximum possible protection for your data. To find out whether standard contractual clauses are used, please refer to the explanations provided for each service.

You may withdraw your given consent at any time with effect for the future. The withdrawal has no effect on the lawfulness of the processing up to the time of the withdrawal.

Newsletter
If you have subscribed to our newsletter, we process the data provided by you on the basis of your consent in accordance with. Art. 6 para. 1 p. 1 a) GDPR in order to send you our newsletter regularly. To register, the specification of an e-mail address is sufficient. All other details are optional. We use the so-called Double-Opt-In-Procedure, which requires you to confirm your e-mail address in a second step once you have agreed to receive the newsletter. Only then will the service be activated. For legal reasons, we also store the IP address and the date of registration. You can revoke your consent at any time with effect for the future. A link to the cancellation is at the end of each newsletter e-mail. Of course, you can also revoke your consent via the other contact options offered.

Creation of pseudonymised usage profiles for web analytics
This website uses Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics uses cookies.

In the context of using cookies, we rely on your consent to the data collection. If you do not give your consent to the data usage when you first visit our website, we will refrain from recording your usage behavior and other personal data which could arise during your website visit and thus also desist from using them for subsequent usage analytics or for remarketing campaigns. This also applies to third-party cookies such as the Google Analytics plugin.

If you agree to the processing of your data in the context of the opt-in procedure (confirmation of the cookie banner), the lawfulness of the processing of your data is based on a consent in accordance with Article 6 para. 1 p. 1 a) GDPR and we will use your data for the purposes of marketing and evaluating your usage behavior within the scope of your given consent.

The information the cookie generates concerning your usage of this website is generally transmitted to a server of Google LLC in the USA where it is then stored. Information regarding the usage of this website and your IP address may possibly be transmitted to a Google server in the USA and also stored on this server. The data transmission is lawful by virtue of your consent in accordance with point (a) of Article 49 para. 1 GDPR. If IP anonymization is enabled on this website, however, Google will truncate your IP address beforehand within a Member State of the European Union or in another state that is party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a server of Google in the USA and truncated there.

Google will use this information on behalf of this website’s operator to evaluate your website usage, to compile reports about the website activities, and to provide further services to the website operator in connection with website usage and Internet usage. The IP address which your browser transmits in the context of Google Analytics will not be combined with any other data held by Google provided that, in the settings of a Google account, you have not configured the web and app activity settings to permit such combination by Google.

Further information on the terms and conditions of use and on data privacy can be found at:
https://marketingplatform.google.com/about/analytics/terms/us/
https://policies.google.com/?hl=en&gl=en

On our website, Google Analytics has been supplemented with the code “anonymizeIp” to be able to collect IP addresses anonymously (so-called IP masking).

Joint responsibility
Movilitas operates its web presence together with other group companies.

These are: Stratford Holdings, LLC, Delaware LLC, 8830 Stanford Blvd., Suite 300, Columbia, MR 21045, USA, Movilitas Consulting LLC, Delaware LLC, Stanford Blvd., Suite 300, Columbia, MD 21045, USA, Movilitas Consulting Germany Holdings GmbH, Hermsheimer Straße 5, 68163 Mannheim, Germany, Naxxos BVBA, Kasteelhoekstraat 1, 1820 Steenokkerzeel, Belgium, Movilitas Belgium BVBA, Kasteelhoekstraat 1, 1820 Steenokkerzeel, Belgium, Movilitas France SAS, 9 rue Juliette Récamier, 69006 Lyon, France, Movilitas Consulting UK, Limited, c/o Peachey & Co Llp, Aldwych, London, England, WC2B 4JF, United Kingdom, Movilitas Consulting, LLC, 8830 Stanford Blvd., Suite 300, Columbia, MD 21045, USA, Movilitas Cloud, LLC, Delaware LLC, c/o The Corporation Trust Company, Corporation Trust Center, 1209 Orange St., Wilmington DE 19801, USA, Movilitas Cloud, Hungary, Liszt Ferenc ter 11, 2nd floor Nr. 1, H-1061, Budapest, Hungary and Movilitas Cloud, BVBA, Kasteelhoekstraat 1, 1820 Steenokkerzeel, Belgium.

Within the meaning of Article 26 GDPR, Movilitas and the aforementioned companies (jointly: “Parties”) have co-responsibility (i.e. joint controllership) for the processing of data collected via this website. The Parties have entered into a corresponding agreement on joint processing. Within the context of said agreement, the Parties have undertaken to ensure compliance with the provisions of data protection law, in particular the lawfulness of the data processing which they jointly perform. Where cross-border data processing is involved, special safeguards have been guaranteed in the form of standard contractual clauses in accordance with point (c) of Article 46 para. 2 GDPR. Furthermore, the data transmission is also permissible by virtue of your consent in accordance with point (a) of Article 49 para. 1 GDPR.

The data subjects’ rights under Articles 15 to 22 GDPR may be asserted vis-à-vis any Party to the agreement. Movilitas Consulting GmbH will handle and respond to any such inquiries from data subjects.

Links to other websites
Our website may contain links to other external websites (Facebook, Twitter, YouTube, Vimeo, LinkedIn, Xing). These are pure links and not plugins. If you click on a link, you will call up the corresponding website and be forwarded to it.

Insofar as we process your data on these external websites (e.g., when you contact us via these websites), our Privacy policy applies, which can be found at: https://www.movilitas.com/privacy-policy

In addition, the providers of the aforementioned websites process your personal data for their own purposes. We can make no claims about the nature of the processing, the purposes or the storage period of your personal data by these providers. Please refer to the privacy policies of the respective provider for further details about how they process your personal data. They can be found at:

  • Facebook: https://www.facebook.com/policy.php
  • Twitter: https://twitter.com/en/privacy
  • YouTube: https://policies.google.com/privacy?hl=en
  • Vimeo: https://vimeo.com/privacy
  • LinkedIn: https://www.linkedin.com/legal/privacy-policy?_l=en_EN
  • Xing: https://privacy.xing.com/en/privacy-policy

Further information on the external services that we use can be found below.

YouTube
Movilitas accesses the technical platform and services of YouTube, a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“YouTube”), for the information service offered here.

Responsibility
Movilitas and YouTube are each independently responsible as regards their processing of your data.

Data processing by YouTube
We would like to point out that you use this YouTube site and its functions on your own responsibility. This applies in particular to the use of the interactive functions (e.g., comments, ratings).

When you visit our YouTube site, YouTube collects, inter alia, your IP address as well as other information that is available on your PC in the form of cookies. This information is used to provide us, as the operator of the YouTube web pages, with statistical information about the use of the YouTube site. Further information about this can be found on YouTube by clicking the following link:
https://support.google.com/YouTube/answer/9002587?hl=en-GB

The data collected about you in this context are processed by YouTube and may possibly be transmitted to countries outside the European Union. The information that YouTube receives and how it is used is described by YouTube in general terms in its privacy policies. The privacy policies can be found at the following link:
https://policies.google.com/privacy?hl=en-GB

The way in which YouTube uses the data from visits to YouTube sites for its own purposes, the extent to which activities on the YouTube site are assigned to individual users, the length of time for which YouTube holds these data and whether data from a visit to the YouTube site are passed on to third parties can be ascertained from the aforementioned privacy policy. Furthermore, YouTube does not specify these activities conclusively and clearly and they are unknown to us.

If you are currently logged on to YouTube as a user, a cookie containing your YouTube identification will exist on your end device. This enables YouTube to recognize that you have visited this site and how you have used it. This also applies to all other YouTube sites as well as to those sites that have integrated YouTube plug-ins. These data can be used to provide content or advertising tailored to your needs.

If you would like to prevent this, you should log out of YouTube and disable the “stay logged in” feature, delete the cookies on your device, and then close and restart your browser. This will delete YouTube information that can be used to identify you directly. This allows you to use our YouTube site without revealing your YouTube identification.

After you log in again, you will again be recognizable as an identifiable user for YouTube.
For information on how to manage or delete information concerning yourself, please visit the following YouTube support page:
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwj70_KisZXqAhWFWxUIHV_YB00QFjABegQIAhAB&url=https%3A%2F%2Fmyaccount.google.com%2Fu%2F0%2Fyourdata%2FYouTube%3Fhl%3Den&usg=AOvVaw2QilVLDgy46Ivi3bNXtHnQ

Data processing by us
Movilitas uses these YouTube pages on the basis points (b) and (f) of Article 6 para. 1 p. 1 (protection of legitimate interests). The legitimate interests that are pursued include:

  • Building and strengthening customer loyalty by placing targeted advertising and communicating with users of the YouTube network;
  • Advertising new products, offers, competitions or other novelties or important news;
  • Answering informal inquiries of all kinds.

Beyond that, Movilitas does not collect or process any other data from your use of our service.

Cross-border data processing
As far as you use this service, we will, as regards the lawfulness of the transmission of data to the USA, draw on your consent given when you visit the website in accordance with point (a) of Article 49 para. 1 GDPR. As regards the inherent risks, reference is made to the aforementioned explanations under “Cross-border data transmission (point (a) of Article 49 para. 1 GDPR)”.

Facebook
Movilitas uses the technical platform and services of Facebook Ireland Ltd, 4 Grand Canal Square, Dublin 2, Ireland (“Facebook”) for the information service offered here.

Responsibility
Movilitas and Facebook are jointly responsible (i.e. are joint controllers) for the processing of data via this Facebook site within the meaning of Article 26 GDPR. An appropriate agreement on joint processing has been entered into between the two controllers. The essential elements of the agreement on the distribution of the obligation to comply with the guidelines of GDPR can be found here:
https://www.facebook.com/legal/terms/page_controller_addendum

Data processing by Facebook
We would like to point out that you use this Facebook site and its functions on your own responsibility. This applies in particular to the use of the interactive functions (e.g., commenting, sharing, rating).

When you visit our Facebook site, Facebook collects, inter alia, your IP address as well as other information that is available on your PC in the form of cookies. This information is used to provide us, as the operator of the Facebook web pages, with statistical information about the use of the Facebook site. Further information about this can be found on Facebook by clicking the following link:
https://www.facebook.com/help/pages/insights

The data collected about you in this context is processed by Facebook and may possibly be transmitted to countries outside the European Union. The information that Facebook receives and how it is used is described by Facebook in general terms in its privacy policies. There you will also find information on how to contact Facebook and the configuration options for advertisements. The privacy policies can be found at the following link:
https://www.facebook.com/about/privacy

The way in which Facebook uses the data from visits to Facebook sites for its own purposes, the extent to which activities on the Facebook site are assigned to individual users, the length of time for which Facebook holds these data and whether data from a visit to the Facebook site are passed on to third parties can be ascertained from the aforementioned privacy policy. Furthermore, Facebook does not specify these activities conclusively and clearly and they are unknown to us.

When you access a Facebook site, the IP address assigned to your end-device is transmitted to Facebook. According to information from Facebook, this IP address will be anonymized if the access originates from Germany and be erased after 90 (ninety) days. Facebook also stores information about the end devices of its users (e.g., as part of the “login notification” feature); this may possibly enable Facebook to assign IP addresses to individual users.

If you are currently logged on to Facebook as a user, a cookie containing your Facebook identification will exist on your end device. This enables Facebook to recognize that you have visited this site and how you have used it. This also applies to all other Facebook sites as well as to those sites that have integrated Facebook plug-ins. These data can be used to provide content or advertising tailored to your needs.
If you would like to prevent this, you should log out of Facebook and disable the “Stay logged in” feature, delete the cookies on your device, and then close and restart your browser. This will delete Facebook information that can be used to identify you directly. This allows you to use our Facebook site without revealing your Facebook identification.

When you access interactive features of the site (Like, Comment, Share, messages etc.), a Facebook login screen will appear. After you log in, you will again be recognizable as an identifiable user for Facebook.

For information on how to manage or delete information concerning yourself, please visit the following Facebook support page:
https://www.facebook.com/about/privacy

Data processing by us
Movilitas uses these Facebook pages on the basis points (b) and (f) of Article 6 para. 1 p. 1 GDPR (protection of legitimate interests). The legitimate interests that are pursued include:

  • Building and strengthening customer loyalty by placing targeted advertising and communicating with users of the Facebook network;
  • Advertising new products, offers, competitions or other novelties or important news;
  • Answering informal inquiries of all kinds.

Beyond that, Movilitas does not collect or process any other data from your use of our service.

Cross-border data processing
As far as you use this service, we will, as regards the lawfulness of the transmission of data to the USA, draw on your consent given when you visit the website in accordance with point (a) of Article 49 para. 1 GDPR as well as standard contractual clauses approved by the European Commission. As regards the inherent risks, reference is made to the aforementioned explanations under “Cross-border data transmission (point (a) of Article 49 para. 1 GDPR)”.

LinkedIn & SlideShare
Movilitas uses the technical platform and services of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (“LinkedIn”) for the information service offered here.

Responsibility
Movilitas and LinkedIn are jointly responsible (i.e. are joint controllers) for the processing of data via this LinkedIn site within the meaning of Article 26 GDPR. An appropriate agreement on joint processing has been entered into between the two controllers. The essential elements of the agreement on the distribution of the obligation to comply with the guidelines of GDPR can be found here:
https://legal.linkedin.com/pages-joint-controller-addendum

Accordingly, LinkedIn is responsible for enabling you to exercise your rights under GDPR. In this regard, you can contact LinkedIn online by clicking on the following link (https://www.linkedin.com/help/linkedin/ask/PPQ?lang=en) or by using the contact details provided in LinkedIn’s Privacy Policy. You can contact the Data Protection Officer at LinkedIn Ireland by clicking on the following link: https://www.linkedin.com/help/linkedin/ask/TSO-DPO.

If you have any inquiries concerning the exercise of your rights in relation to the processing of personal data in the framework of the Page Insights, you can also address these to us via our contact details provided. In this case, we will refer your inquiry to LinkedIn. Under the terms of this agreement, the Irish Data Protection Authority is the leading supervisory authority for overseeing the processing of personal data in the framework of Page Insights. You have the right at any time to lodge a complaint with the Irish Data Protection Authority (see www.dataprotection.ie) or any other supervisory authority.

Data processing by LinkedIn
We would like to point out that you use this LinkedIn site and its functions on your own responsibility. This applies in particular to the use of the interactive functions.

When you visit our LinkedIn site, LinkedIn collects, inter alia, your IP address as well as other information that is available on your PC in the form of cookies. This information is used to provide us, as the operator of the LinkedIn web pages, with statistical information about the use of the LinkedIn site (in aggregated and anonymized form). Further information about this can be found on LinkedIn by clicking the following link:
https://www.linkedin.com/help/linkedin/answer/4499/linkedin-page-analytics-overview?lang=en

The data collected about you in this context is processed by LinkedIn and may possibly be transmitted to countries outside the European Union. The information that LinkedIn receives and how it is used is described by LinkedIn in general terms in its privacy policies. There you will also find information on how to contact LinkedIn and the configuration options for advertisements. The privacy policies can be found at the following link:
https://www.linkedin.com/legal/privacy-policy

The way in which LinkedIn uses the data from visits to LinkedIn sites for its own purposes, the extent to which activities on the LinkedIn site are assigned to individual users, the length of time for which LinkedIn holds these data and whether data from a visit to the LinkedIn site are passed on to third parties can be ascertained from the aforementioned privacy policy. Furthermore, LinkedIn does not specify these activities conclusively and clearly and they are unknown to us.

If you are currently logged on to LinkedIn as a user, a cookie containing your LinkedIn identification will exist on your end device. This enables LinkedIn to recognize that you have visited this site and how you have used it. This also applies to all other LinkedIn sites as well as to those sites that have integrated LinkedIn plug-ins. These data can be used to provide content or advertising tailored to your needs.

If you would like to prevent this, you should log out of LinkedIn and disable the “stay logged in” feature, delete the cookies on your device, and then close and restart your browser. This will delete LinkedIn information that can be used to identify you directly. This allows you to use our LinkedIn site without revealing your LinkedIn identification.

After you log in again, you will again be recognizable as an identifiable user for LinkedIn.
For information on how to manage or delete information concerning yourself, please visit the following LinkedIn support page:
https://www.linkedin.com/help/linkedin/answer/66/managing-your-account-and-privacy-settings-overview?lang=en

Data processing by us
Movilitas uses these LinkedIn pages on the basis points (b) and (f) Article 6 para. 1 p. 1 GDPR (protection of legitimate interests). The legitimate interests that are pursued include:

  • Building and strengthening customer loyalty by placing targeted advertising and communicating with users of the LinkedIn network;
  • Advertising new products, offers, competitions or other novelties or important news;
  • Answering informal inquiries of all kinds.

The LinkedIn site is also used to contact potential applicants or to be contacted by them. Where this is the case, processing is performed on the basis of Section 26 of the German Federal Data Protection Act (BDSG) if an application process in Germany is involved, otherwise on the basis of point (b) of Article 6 para. 1 p. 1 GDPR.

Beyond that, Movilitas does not collect or process any other data from your use of our service.

Cross-border data processing
As far as you use this service, we will, as regards the lawfulness of the transmission of data to the USA, draw on your consent given when you visit the website in accordance with point (a) of Article 49 para. 1 GDPR as well as standard contractual clauses approved by the European Commission. As regards the inherent risks, reference is made to the aforementioned explanations under “Cross-border data transmission (point (a) of Article 49 para. 1 GDPR)”.

Xing
Movilitas uses the technical platform and services of Xing, a service of New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany (“Xing”) for the information service offered here.

Responsibility
Movilitas and Xing are each independently responsible as regards their processing of your data.

Data processing by Xing
We would like to point out that you use this Xing site and its functions on your own responsibility. This applies in particular to the use of the interactive functions.

When you visit our Xing site, Xing collects, inter alia, your IP address as well as other information that is available on your PC in the form of cookies.
The data collected about you in this context is processed by Xing and may possibly be transmitted to countries outside the European Union. The information that Xing receives and how it is used is described by Xing in general terms in its privacy policies. There you will also find information on how to contact Xing and the configuration options for advertisements. The privacy policies can be found at the following link:
https://privacy.xing.com/en

The way in which Xing uses the data from visits to Xing sites for its own purposes, the extent to which activities on the Xing site are assigned to individual users, the length of time for which Xing holds these data and whether data from a visit to the Xing site are passed on to third parties can be ascertained from the aforementioned privacy policy. Furthermore, Xing does not specify these activities conclusively and clearly and they are unknown to us.

The data collected is partly being used for the execution of recruiting processes. Additional information can be found at the following link:
https://www.new-work.se/en/newsroom/press-releases/xing-launches-recruiter-insights-a-strategic-hub-for-managing-recruiting-processes-and-kpis

If you are currently logged on to Xing as a user, a cookie containing your Xing identification will exist on your end device. This enables Xing to recognize that you have visited this site and how you have used it. This also applies to all other Xing sites as well as to those sites that have integrated Xing plug-ins. These data can be used to provide content or advertising tailored to your needs.

If you would like to prevent this, you should log out of Xing and disable the “stay logged in” feature, delete the cookies on your device, and then close and restart your browser. This will delete Xing information that can be used to identify you directly. This allows you to use our Xing site without revealing your Xing identification.

After you log in again, you will again be recognizable as an identifiable user for Xing.

Data processing by us
Movilitas uses these Xing pages on the basis points (b) and (f) of Article 6 para. 1 p. 1 GDPR (protection of legitimate interests). The legitimate interests that are pursued include:

  • Building and strengthening customer loyalty by placing targeted advertising and communicating with users of the Xing network;
  • Advertising new products, offers, competitions or other novelties or important news;
  • Answering informal inquiries of all kinds.

The Xing site is also used to contact potential applicants or to be contacted by them. Where this is the case, processing is performed on the basis of Section 26 of the German Federal Data Protection Act (BDSG) if an application process in Germany is involved, otherwise on the basis of point (b) of the first sentence of Article 6 para. 1 p. 1 lit. b) DSGVO.

Beyond that, Movilitas does not collect or process any other data from your use of our service.

Twitter
Movilitas accesses the technical platform and services of Twitter, a service of Twitter International Company, One Cumberland Place, Fenian Street Dublin 2, D02 AX07 Ireland (“Twitter”), for the information service offered here.

Responsibility
Movilitas and Twitter are jointly responsible (i.e. are joint controllers) for the processing of data via this Twitter site within the meaning of Article 26 GDPR. An appropriate agreement on joint processing has been entered into between the two controllers. The essential elements of the agreement on the distribution of the obligation to comply with the guidelines of GDPR can be found here:
https://gdpr.twitter.com/en/controller-to-controller-transfers.html

Data processing by Twitter
We would like to point out that you use this Twitter site and its functions on your own responsibility. This applies in particular to the use of the interactive functions (e.g., comments, ratings).

When you visit our Twitter site, Twitter collects, inter alia, your IP address as well as other information that is available on your PC in the form of cookies. This information is used to provide us, as the operator of the Twitter web pages, with statistical information about the use of the Twitter site. Further information about this can be found on Twitter by clicking the following links:
https://analytics.twitter.com/about

The data collected about you in this context are processed by Twitter and may possibly be transmitted to countries outside the European Union. The information that Twitter receives and how it is used is described by Twitter in general terms in its privacy policies. The privacy policy can be found at the following link:
https://twitter.com/en/privacy

The way in which Twitter uses the data from visits to Twitter sites for its own purposes, the extent to which activities on the Twitter site are assigned to individual users, the length of time for which Twitter holds these data and whether data from a visit to the Twitter site are passed on to third parties can be ascertained from the aforementioned privacy policy. Furthermore, Twitter does not specify these activities conclusively and clearly and they are unknown to us.

If you are currently logged on to Twitter as a user, a cookie containing your Twitter identification will exist on your end device. This enables Twitter to recognize that you have visited this site and how you have used it. This also applies to all other Twitter sites as well as to those sites that have integrated Twitter plug-ins. These data can be used to provide content or advertising tailored to your needs.

If you would like to prevent this, you should log out of Twitter and disable the “stay logged in” feature, delete the cookies on your device, and then close and restart your browser. This will delete Twitter information that can be used to identify you directly. This allows you to use our Twitter site without revealing your Twitter identification.

After you log in again, you will again be recognizable as an identifiable user for Twitter.
For information on how to manage or delete information concerning yourself, please visit the following Twitter support page:
https://help.twitter.com/en/safety-and-security

Data processing by us
Movilitas uses these Twitter pages on the basis points (b) and (f) of Article 6 para. 1 p. 1 GDPR (protection of legitimate interests). The legitimate interests that are pursued include:

  • Building and strengthening customer loyalty by placing targeted advertising and communicating with users of the Twitter network;
  • Advertising new products, offers, competitions or other novelties or important news;
  • Answering informal inquiries of all kinds.

Beyond that, Movilitas does not collect or process any other data from your use of our service.

Cross-border data processing
As far as you use this service, we will, as regards the lawfulness of the transmission of data to the USA, draw on your consent given when you visit the website in accordance with point (a) of Article 49 para. 1 GDPR. As regards the inherent risks, reference is made to the aforementioned explanations under “Cross-border data transmission (point (a) of Article 49 para. 1 GDPR)”.

Vimeo
Movilitas accesses the technical platform and services of Vimeo, a service of Vimeo, Inc., 555 West 18th Street, New York, New York 10011, USA (“Vimeo”), for the information service offered here.

Responsibility
Movilitas and Vimeo are each independently responsible as regards their processing of your data.

Data processing by Vimeo
We would like to point out that you use this Vimeo site and its functions on your own responsibility. This applies in particular to the use of the interactive functions (e.g., comments, ratings).

When you visit our Vimeo site, Vimeo collects, inter alia, your IP address as well as other information that is available on your PC in the form of cookies. This information is used to provide us, as the operator of the Vimeo web pages, with statistical information about the use of the Vimeo site. Further information about this can be found on Vimeo by clicking the following link:
https://vimeo.com/analytics

The data collected about you in this context are processed by Vimeo and may possibly be transmitted to countries outside the European Union. The information that Vimeo receives and how it is used is described by Vimeo in general terms in its privacy policies. The privacy policies can be found at the following link:
https://vimeo.com/privacy

The way in which Vimeo uses the data from visits to Vimeo sites for its own purposes, the extent to which activities on the Vimeo site are assigned to individual users, the length of time for which Vimeo holds these data and whether data from a visit to the Vimeo site are passed on to third parties can be ascertained from the aforementioned privacy policy. Furthermore, Vimeo does not specify these activities conclusively and clearly and they are unknown to us.

If you are currently logged on to Vimeo as a user, a cookie containing your Vimeo identification will exist on your end device. This enables Vimeo to recognize that you have visited this site and how you have used it. This also applies to all other Vimeo sites as well as to those sites that have integrated Vimeo plug-ins. These data can be used to provide content or advertising tailored to your needs.

If you would like to prevent this, you should log out of Vimeo and disable the “stay logged in” feature, delete the cookies on your device, and then close and restart your browser. This will delete Vimeo information that can be used to identify you directly. This allows you to use our Vimeo site without revealing your Vimeo identification.

After you log in again, you will again be recognizable as an identifiable user for Vimeo.

Data processing by us
Movilitas uses these Vimeo pages on the basis points (b) and (f) of Article 6 para. 1 p. 1 GDPR (protection of legitimate interests). The legitimate interests that are pursued include:

  • Building and strengthening customer loyalty by placing targeted advertising and communicating with users of the Vimeo network;
  • Advertising new products, offers, competitions or other novelties or important news;
  • Answering informal inquiries of all kinds.

Beyond that, Movilitas does not collect or process any other data from your use of our service.

Cross-border data processing
As far as you use this service, we will, as regards the lawfulness of the transmission of data to the USA, draw on your consent given when you visit the website in accordance with point (a) of Article 49 para. 1 GDPR. As regards the inherent risks, reference is made to the aforementioned explanations under “Cross-border data transmission (point (a) of Article 49 para. 1 GDPR)”.

GoToWebinar
Movilitas accesses the technical platform and services of GoToWebinar, a service of LogMeIn Ireland Limited, Bloodstone Building Block C, 70 Sir John Rogerson’s Quay, Dublin 2, Ireland (“GoToWebinar”), for the information service offered here.

Processing under commission
In its relationship to Movilitas, GoToWebinar acts in the capacity of a “Processor” within the meaning of Article 28 GDPR. The Parties have entered into an agreement on commissioned processing in accordance with Article 28 para. 3 GDPR. To ensure a high standard of data protection, standard contractual clauses within the meaning of point (c) of Article 46 para. 2 GDPR have been incorporated into the agreement. The details of the agreement can be found at the following link:
https://logmeincdn.azureedge.net/legal/20191226/DPA/LMI-Customer-Data-Processing-Addendum-2019-v2-SAMPLE.pdf

Data processing by GoToWebinar
We would like to point out that you use this GoToWebinar site and its functions on your own responsibility. This applies in particular to the use of the interactive functions (e.g., comments, ratings).

When you visit our GoToWebinar site, GoToWebinar collects, inter alia, your IP address as well as other information that is available on your device. GoToWebinar uses Googles Analytics as well as Adobe Marketing Cloud on its website. Further information about the processing of your data can be found on GoToWebinar by clicking the following link:
https://www.logmeininc.com/legal/privacy/international

Data processing by us
Movilitas uses these GoToWebinar pages on the basis points (b) of Article 6 para. 1 p. 1 GDPR. The purposes of the processing are as follows:

  • Building and strengthening customer loyalty by placing targeted advertising and communicating with users of the GoToWebinar network;
  • Advertising new products, offers, competitions or other novelties or important news;
  • Answering informal inquiries of all kinds.

Beyond that, Movilitas does not collect or process any other data from your use of our service.

Cross-border data processing
As far as you use this service, we will, as regards the lawfulness of the transmission of data to the USA, draw on your consent given when you visit the website in accordance with point (a) of Article 49 para. 1 GDPR. As regards the inherent risks, reference is made to the aforementioned explanations under “Cross-border data transmission (point (a) of Article 49 para. 1 GDPR)”.

Data transfer
We pass on data to other third parties if and to the extent that we have delegated the fulfillment of tasks to them. Furthermore, a data transfer based on our legitimate interest, cf. Art. 6 para. 1 p. 1 f) GDPR; Such a legitimate interest may exist in relation to a data transfer within the Movilitas Group (“Joint responsibility”).

In addition, we entrust your data to our service providers. We use service providers especially in the following areas:

  • IT-service-provider.

The transfer of data always takes place on the basis of a legal standard or a suitable contract according to Art. 26 or 28 GDPR, which ensures observance of all data protection requirements. Insofar as a data transfer to a third country takes place, this only happens if and to the extent that the security of the personal data is secured in accordance with the legally stipulated permissions of Art. 44 et seq. GDPR.

If data are transmitted on the basis of consent to a third country, without an adequacy decision or other suitable guarantees being available at the same time, you will be informed on the associated increased risk of data processing during transmission pursuant to Art. 49 para. 1 p. 1 a) GDPR. However, we would like to assure you that, by careful selection and constant review of the standards of our contractors, potential risks are successfully minimized.

Incidentally, a data transfer takes place exclusively in the context of the statutory cases, for example, in a statutory duty to provide information to law enforcement agencies.

Duration of Data Storage
Your personal data will be deleted by us immediately, as soon as the data are no longer needed for the fulfilment of the contractual and legal obligations or the purpose for which the data was processed is reached and the data is no longer needed for this purpose.

Personal data will be stored for at least as long as necessary to fulfill contractual obligations and to exercise contractual rights. This period may extend beyond the actual contract period, as the data may still be relevant under the statute of limitations after the end of the contract. In addition, deletion can only take place if any tax and commercial retention periods have expired.

The criteria for the duration of the storage of cookies can be found in the relevant section.

Your rights as a data subject
As a person concerned with the processing of personal data, you have the following rights:

You have the right to request confirmation from us as to whether we are processing personal data relating to you. If this is the case, you have a right to information about the personal data and to the information listed in Article 15 GDPR in detail.

You have the right to demand that the responsible person immediately correct any incorrect personal data concerning you and, if necessary, complete any incomplete personal data (Art. 16 GDPR).

You have the right to demand that the person responsible delete personal data concerning you immediately if one of the reasons specified in Art. 17 GDPR applies, e.g., if the data is no longer required for the purposes pursued (right to deletion).

You have the right to request the restriction of processing if one of the conditions listed in Art. 18 GDPR is met, e.g., if you have lodged an objection against the processing pursuant to Art. 21 GDPR, for the duration of any inquiry as to whether our legitimate interests outweigh yours.

You have the right to receive in a structured, common and machine-readable format the personal data concerning yourself which you have supplied us, as well as the right to transmit these data to another controller without hindrance by us, provided that the processing of these data is based on your consent or on a contract and that the processing is carried out with the aid of automated procedures (Article 20 GDPR). When exercising the right to data portability, you have the right to have the personal data transferred directly from us to another controller, as far as this is technically feasible (right to data portability).

You have the right, for reasons arising from your particular situation, to object at any time to the processing of personal data concerning your person, which may be processed on the basis of Art. The responsible party will no longer process the personal data unless it can demonstrate compelling legitimate grounds for processing that outweigh the interests, rights and freedoms of the affected party, or the processing is for the purpose of establishing, exercising or defending legal claims (Art. 21 GDPR).

With regard to the exercise of your rights, you can always contact us via the contact options offered on our website.

Right to complain
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data infringes the GDPR (Article 77 GDPR). You may exercise this right before a supervisory authority in the member state in which you reside, work or where the suspected infringement takes place. For example, in Baden-Württemberg the competent supervisory authority is:

Country Commissioner for Data Protection and Freedom of Information Baden-Württemberg
Königstrasse 10 a, 70173 Stuttgart
Postfach 10 29 32, 70025 Stuttgart, Germany
Telephone no.: +49 (0) 6211/502040
Email: poststelle@lfdi.bwl.de

Further information is available on the service portal of the state of Baden-Württemberg under the following link: https://www.baden-wuerttemberg.datenschutz.de

Of course, you can also contact us directly if you are dissatisfied or have questions about privacy. The quickest way to reach both our internal and external contact person on the subject of data protection under the following contact data:
info@movilitas.com or info@datenschutz-ott.de

Requirement to provide personal data
There is basically no obligation to provide data. However, providing data may be required to use certain features or to enter into a contract. If you do not provide the necessary data, you will not be able to use certain features or services, or a contract may not be finalized.