Privacy Policy

Name and address of the data controller

The controller as defined within the General Data Protection Regulation (GDPR) and within other national privacy legislation of the member states and other privacy regulations is:

TRUST RISK CONTROL Int. Insurance Development GmbH
Gustav-Freytag-Str. 15
D-22085 Hamburg
represented by: Christoph Baltsch
Tel: +49 40 82 22 52-0
Email: info@trustrc.com

Name and address of the data protection officer

The data protection officer of the controller is:

Deutsche Datenschutz Consult GmbH
Christoph Heinrich
https://deutsche-datenschutz-consult.de
Stresemannstraße 29
D-22769 Hamburg Germany
Telefon: +49 40 228 60 70 402
E-Mail: datenschutz@trustrc.com

Server Statistics

When visiting our website, we record the following data transferred by your browser:

IP address
internet service provider of the user
date and time of the request
time zone offset from Greenwich Mean Time (GMT)
content of the request (specific web page)
access status / HTTP status code
transferred data volume
website requesting access
subsequently visited website
browser
language and current version of the browser software
operating system and interface

The data collected by us is stored in server log files.

The legal basis for temporarily saving the data in log files is art. 6 sec. 1 lit. f GDPR.

Our systems need to temporarily save the IP address to enable our systems to deliver the website to the device of the user. For this purpose, the IP address of the user needs to remain saved for the duration of the session.

The logging takes place for the internal evaluation of our online presence, to optimize the display of our website and to identify and prevent improper use. The stored data is not merged with other data sources or used for marketing purposes.

Our legitimate interest in data processing in accordance with Article 6 sec. 1 lit. f GDPR also lies in these purposes.

The data will be deleted as soon as it is not required for fulfilling the purposes listed above any longer. In case of the data usage for providing the website, this is the case at the end of the user session.

For the storage of data in log files, this is the case after seven days at the latest. Storage beyond this is possible. In this case, the IP addresses of the users are deleted or anonymized so that it is no longer possible to assign to the respective client.

Recording the data for providing the website and saving that data in log files is essential for operating the website. Hence, there is no possibility to object to this processing activity.

Job Applications

Direct job offerings and acceptance of applications are usually not provided on our website. Should you nevertheless decide to send us an unsolicited application, the following applies:

When sending your job application to us via e-mail, this happens unencrypted. We inform you that the transfer of unencrypted information is not safe in terms of data protection. We therefore recommend sending applications by post. Should you nevertheless apply by e-mail, you do so at your own risk.

Throughout the application process, we only collect the data that you provide us with.

After receiving your application, we use the data provided by you to determine if you are suited for the job opening and to carry out the application process. Suitable applications will be forwarded internally to the person responsible for the department in question. Then, the further procedure for the application is determined. Access to your data is granted solely to the persons within the company that need it in order to properly carry out the application process.

Your data is processed exclusively on data centers within the Federal Republic of Germany.

The data you provide us with through the application process is processed on the legal basis of the German legal basis § 26 BDSG (Bundesdatenschutzgesetz), section 1 in particular. This regulation allows processing activities that are necessary for the purposes of making a decision about entering an employment relationship.

Should your data be needed for the purposes of defending our legal interests after the completion of the application process, your data will be processed under the conditions of excercising our legitimate interests under art. 6 sec. 1 lit. f GDPR. Those interests then consist of excercising or defending against legal claims. The data usually is deleted 6 months after the opening has been filled.

Should your application result in an employment relationship, your data will be transferred to our human resources department for further processing.

You have the option at any time to request information about what data we have stored about you and to request its deletion.

Cookies

This website employs cookies. A „cookie“ is a text information that saves the visited website on the device of the user via the web browser, so the browser can at a later point in time access the information.

Cookies can contain information about specifications you have made while visiting the website – for example your choice of language, entries into forms, etc. Cookies may also contain a specific identifier which allows the website to recognize your browser upon another visit.

We ourselves session cookies only (deleted automatically after closing the browser).

The placement of our cookies is based on art. 6 sec. 1 lit. f GDPR. Our legitimate interests lie in the provision and technical implementation of basic functions of the website such as language selection and a login area for members. We use the personal data collected with the help of the cookies in order to be able to assign your navigation on our website to a closed session. The user data collected in this way will not be used to create user profiles.

You can at any time prevent the placement of cookies through our internet site by changing the settings on your browser accordingly and thus object to the placement of cookies permanently. Hence, you as a user are in full control over the usage of cookies on your device. Furthermore, placed cookies can be deleted at any time through the internet browser used or by other software. This is possible with any common internet browser. If you deactivate the placement of cookies by your browser, you may not be able to use all features of our internet site to their full extent.

Google Maps

On our website we use Google Maps (API) from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). Google Maps is a web service for displaying interactive (land) maps to visually display geographic information. Using this service will show you our location and make it easier to get there.

As soon as you call up the sub-pages in which the Google Maps map is integrated, information about your use of our website (e.g. your IP address) is transmitted to Google’s servers and stored there. This can also result in transmission to the servers of Google LLC. come in the US. This occurs regardless of whether Google provides a user account through which you are logged in or whether a user account exists. If you are logged in to Google, your data will be assigned directly to your account. If you do not wish to be associated with your profile on Google, you must log out before activating the button. Google saves your data (even for users who are not logged in) as usage profiles and evaluates them. The collection, storage and evaluation are carried out in accordance with Article 6 Paragraph 1 Letter f GDPR on the basis of Google’s legitimate interest in the display of personalized advertising, market research and/or the needs-based design of Google websites. You have the right to object to the creation of these user profiles, although you must contact Google to exercise this right.

If you do not agree to the future transmission of your data to Google when using Google Maps, you also have the option of completely deactivating the Google Maps web service by switching off the JavaScript application in your browser. Google Maps and thus also the map display on this website cannot then be used.

You can view Google’s terms of use at the following address:

https://policies.google.com/terms?hl=en&gl=de

The additional terms of use for Google Maps can be found at

https://www.google.com/intl/en_US/help/terms_maps/

Detailed information on data protection in connection with the use of Google Maps can be found on the Google website (“Google Privacy Policy”):

https://policies.google.com/privacy?hl=en&gl=en

YouTube

On our website we use the video portal “YouTube” from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: “Google”). The implementation is based on Article 6 Paragraph 1 Sentence 1 lit. f GDPR, whereby our interest lies in the smooth integration of the videos and the appealing design of our website.

We use the “extended data protection mode” option provided by Google. If you call up a page that has an embedded video, a connection to the Google servers is established and the content is displayed on the website by notifying your browser. According to information from Google, your data will only be evaluated in “extended data protection mode” if you watch the video. However, to provide the thumbnail, a connection to the YouTube servers is established before the video is loaded, and the IP address of the user is therefore also transmitted for technical reasons.

If you are logged in to Google at the same time, this information will be assigned to your YouTube member account. You can prevent this by logging out of your member account before visiting our website.

In some cases, information is transmitted to the parent company Google LLC based in the USA, to other Google companies and to external partners of Google, each of which may be located outside the European Union. Google uses European Commission-approved Standard Contractual Clauses and relies on European Commission adequacy decisions for specific countries.

Further information on data protection in connection with YouTube can be found at

https://policies.google.com/privacy?hl=en&gl=en

DoubleClick

Doubleclick by Google is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Doubleclick by Google or its successor “Google Marketing Platform” uses cookies to show you advertisements that are relevant to you. A pseudonymous identification number (ID) is assigned to your browser in order to check which ads were displayed in your browser and which ads were viewed. The cookies do not contain any personal information. The use of DoubleClick cookies enables Google and its partner websites to place ads based on previous visits to our or other websites on the Internet. The information generated by the cookies may be transmitted to a server in the USA and stored there by Google for evaluation. A cross-device assignment to a user profile created by Google can also be made via the service.

By each call of one of the individual pages of this website on which a DoubleClick component has been integrated, the internet browser on the information technology system of the data subject is automatically caused by the respective DoubleClick component to transmit data to Google for the purpose of online advertising and commission accounting. As part of this technical process, Google obtains knowledge of data that Google also uses to generate commission statements. Among other things, Google can track that the data subject has clicked on certain links on our website.

On our website, the DoubleClick servers are only accessed on one of our subpages, and this is based on our legitimate interest in implementing a valid digital marketing strategy for our services, Art. 6 sec. 1 lit. F GDPR.

For more information concerning DoubleClick by Google, you can view the applicably privacy policy here: https://www.google.com/intl/en/policies/

Google ReCaptcha

We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on our websites. The provider is Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). The purpose of reCAPTCHA is to check whether data is entered on our websites (e.g. in a contact form) by a human or by an automated program. To do this, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis starts automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, how long the website visitor spends on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google. How the analysis works is not completely transparent.

The reCAPTCHA analyzes run completely in the background. Website visitors are not informed that an analysis is taking place.

Data processing takes place on the basis of Art. 6 Para. 1 lit. f GDPR. We only use the ReCaptcha in our login area, which gives access to e.g. T. provides highly sensitive and/or financial transfer related data. There is a special need for protection for this. Furthermore, there have already been attempts at unauthorized access in the past. We therefore have a particularly legitimate interest in protecting our login area from unauthorized access and misuse using the best possible tools.
For more information about Google reCAPTCHA and Google’s privacy policy, see the following links:

https://www.google.com/intl/de/policies/privacy/

https://www.google.com/recaptcha/intro/android.html.

Web Fonts

Our website uses so-called web fonts or icons provided by Fonticons, Inc., 307 S Main St Ste 202 Bentonville, AR, 72712-9214, USA (“FontAwesome”) and Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”) for the uniform display of fonts or icons. When you call up a page, your browser loads the required web fonts or icons into your browser cache in order to display text, fonts and icons correctly.

For this purpose, the browser you are using must connect to the respective servers of FontAwesome and Google. This gives FontAwesome and Google knowledge that our website was accessed via your IP address. Web fonts are used in the interest of a uniform and attractive presentation of our online offers. This represents a legitimate interest within the meaning of Art 6 sec. 1 lit. f GDPR.

If your browser does not support the use of web fonts, a standard font will be used by your computer. You can find more information about FontAwesome and Google in the information provided by the respective providers at:

FontAwesome Help: https://fontawesome.com/help

Google Fonts Help: https://developers.google.com/fonts/faq

Online presences on social media

We provide an online presence on the platforms Instagram, LinkedIn and XING to interact with the active customers, interested parties and users on these platforms and to inform them of our services. When visiting our respective presences on these platforms, the terms and conditions and data processing policies of the respective platform operators apply (see below).

If not stated differently within this privacy policy, we process the data of users that communicate with us via these platforms, e.g. through posts on our fan pages or by sending us messages. These processing activities lie within our legitimate interests in providing an attractive method of interaction to our customers and interested parties, art. 6 sec. 1 lit. f GDPR.

Furthermore, the personal data of our visitors on these platforms will be evaluated by the platform operators and we are partially provided with anonymized data concerning our presence on the platform. The provision of our social media profile and receiving statistical analysis thereof lies within our responsibility and is done in our legitimate interest in generally using these platforms to increase our reach and to evaluate our content and market reach, art. 6 sec. 1 lit. f GDPR.

The platform operators are the controllers of the statistical evaluation itself. For further information you may at any time address the platform operators or you can read up on their processing activities within their privacy policies.

Name: Instagram; data controller: Meta Platforms Ireland Limited

Address: 4 Grand Canal Square, Dublin 2, Ireland

Joint Controllership: https://www.facebook.com/legal/terms/page_controller_addendum

Name: XING; data controller: New Work SE
Address: Am Strandkai 1, 20457 Hamburg, Germany
Privacy Policy: https://privacy.xing.com/en/privacy-policy

Name: LinkedIn; data controller: LinkedIn Ireland Unlimited Company
Address: Wilton Place, Dublin 2, Ireland
Privacy Policy: https://www.linkedin.com/legal/privacy-policy

Your Rights

Right of Access

You have the right to obtain from us confirmation as to whether or not personal data concerning you are being processed. Upon request we gladly inform you in writing about which personal data are being processed by us, including their origin, any recipients of your personal data as well as the purpose of processing.

Right to object

Where we process your personal data for direct marketing purposes, you may object to our processing and we will immediately cease processing for this purpose. Where we process your personal data on the basis of our legitimate interests, you may object to the processing on grounds relating to you or your particular situation. We will then only continue processing if we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or if we require the personal data for the establishment, exercise or defence of legal claims.

Right to rectification

You have the right to obtain from us rectification of personal data concerning you to the extent we save such data and provided it is inaccurate.

Right to restriction of processing

You have the right, under the preconditions of art. 18 sec. 1 GDPR (for example if the accuracy of the data is disputed or the processing is unlawful), to obtain from us restriction of processing, which means that we may only process your personal data subject to such restriction under the preconditions of art. 18 sec. 2 GDPR (for example with your consent or for the exercise or defence of legal claims).

Right to erasure

You have the right to obtain from us the erasure of your personal data under the preconditions of art. 17 sec. 1 lit. a-f GDPR (for example if the personal data is no longer needed or processing is unlawful) unless exceptions following art. 17 sec. 3 lit. a-e GDPR apply (for example if there are legal obligations to process the personal data).

Right to data portability

You have the right to receive from us your personal data that you have provided to us in a structured, commonly used and machine-readable format and to transmit those data to another controller without hindrance from us.

Right to lodge a complaint with a supervisory authority

You have the right to lodge a complaint with a supervisory authority, if you feel our processing of your personal data is unlawful.

IT Security Notice

For our website we make use of ssl encryption (secure socket layer) with the highest encryption level supported by your browser. Usually this will be 256-bit encryption. If your browser doesn’t support this, our website falls back to 128-bit technology. Most browsers show encryption status by displaying a closed lock icon next to the URL or in the status bar.

We have implemented appropriate technical and organisational measures to protect the integrity, confidentiality and availability of your personal data. The measures we have implemented are being continuously improved and updated according to the progress of technological development.

No automated Decision-Making

While using our services, you are not subject to any exclusively automatic decision-making process – including profiling – that takes legal effect or affects you significantly in any similar manner.