Privacy policy

fobizz | 101skills GmbH
Rostocker Str. 68
20099 Hamburg
mail@fobizz.com

This privacy policy applies exclusively to the landing page fobizz.com and its subpages. Separate data protection provisions apply to the fobizz online platform https://plattform.fobizz.com and https://tools.fobizz.com/

Though the German Version here is the legally binding version, we have provided a copy in English here for your convenience.

Content

I. General Information

  1. Contact
  2. Legal Basis
  3. Duration of Storage
  4. Categories of Data Recipients
  5. Data Transfer to Third Countries
  6. Processing When Exercising Your Rights
  7. Your Rights
  8. Right to Object
  9. Data Protection Officer II. Data Processing on Our Website
  10. Processing of Server Log Files
  11. Contact Options and Inquiries
  12. Newsletter
  13. Cookies
  14. Consent Management Tool
  15. Google Analytics
  16. Google Ads
  17. Meta Pixel
  18. YouTube
  19. Vimeo III. Data Processing on Our Social Media Pages
  20. Visiting a Social Media Page
  21. Communication via Social Media Pages IV. Further Data Processing
  22. Use of Email Address for Marketing Purposes

I. General Information

1. Contact

If you have any questions or suggestions regarding this information or wish to contact us to exercise your rights, please direct your inquiry to:

fobizz | 101skills GmbH
Rostocker Str. 68, 20099 Hamburg
Tel. 0049 (0) 40 743 04189
Email: mail@fobizz.com

2. Legal Basis

The term “personal data” under data protection law refers to all information relating to an identified or identifiable person. We process personal data in compliance with the relevant data protection regulations, particularly the GDPR and the BDSG. Data processing by us only takes place based on a legal permission. We process personal data only with your consent (§ 25 para. 1 TTDSG or Art. 6 para. 1 lit. a GDPR), to fulfill a contract to which you are a party or to carry out pre-contractual measures at your request (Art. 6 para. 1 lit. b GDPR), to fulfill a legal obligation (Art. 6 para. 1 lit. c GDPR), or if the processing is necessary to protect our legitimate interests or the legitimate interests of a third party, provided that your interests or fundamental rights and freedoms requiring the protection of personal data do not prevail (Art. 6 para. 1 lit. f GDPR).

3. Duration of Storage

Unless otherwise stated in the following notes, we store the data only as long as necessary to achieve the processing purpose or to fulfill our contractual or legal obligations. Such legal retention obligations may arise, in particular, from commercial or tax regulations. From the end of the calendar year in which the data was collected, we will retain such personal data contained in our accounting records for ten years and personal data contained in business letters and contracts for six years. Otherwise, we will retain data related to consent that requires proof and claims and complaints for the duration of the statutory limitation periods. We will delete data stored for advertising purposes if you object to processing for this purpose.

4. Categories of Data Recipients

We use processors in the processing of your data. Processing operations carried out by such processors include, for example, hosting, email dispatch, maintenance and support of IT systems, customer and order management, accounting and billing, marketing measures, or file and data carrier destruction. A processor is a natural or legal person, authority, institution, or other body that processes personal data on behalf of the controller. Processors do not use the data for their own purposes but carry out data processing exclusively for the controller and are contractually obligated to ensure appropriate technical and organizational measures for data protection. Otherwise, we may transfer your personal data to entities such as postal and delivery services, house banks, tax consulting/auditing firms, or tax authorities. Further recipients may arise from the following notes.

5. Data Transfer to Third Countries

Our data processing may involve the transfer of certain personal data to third countries, i.e., countries where the GDPR is not applicable law. Such a transfer is permissible if the European Commission has determined that an adequate level of data protection is provided in such a third country. If such an adequacy decision by the European Commission is not available, a transfer of personal data to a third country will only take place if appropriate safeguards are in place according to Art. 46 GDPR or if one of the conditions of Art. 49 GDPR is met.

If no adequacy decision is available and unless otherwise stated below, we use the EU standard data protection clauses as appropriate safeguards for the transfer of personal data to third countries. You have the option to obtain or view a copy of these EU standard data protection clauses. Please contact the address provided under Contact.

If you consent to the transfer of personal data to third countries, the transfer will be based on Art. 49 para. 1 lit. a GDPR.

6. Processing When Exercising Your Rights

When you exercise your rights under Art. 15 to 22 GDPR, we process the personal data provided to us for the purpose of implementing these rights and to be able to provide evidence of this. We will process data stored for the purpose of providing information and its preparation only for this purpose and for purposes of data protection control and otherwise restrict processing in accordance with Art. 18 GDPR.

These processing operations are based on the legal basis of Art. 6 para. 1 lit. c GDPR in conjunction with Art. 15 to 22 GDPR and § 34 para. 2 BDSG.

7. Your Rights

As a data subject, you have the right to assert your data subject rights against us. In particular, you have the following rights:

  • You have the right to request information about whether and, if so, to what extent we process personal data concerning you according to Art. 15 GDPR and § 34 BDSG.
  • You have the right to request the correction of your data according to Art. 16 GDPR.
  • You have the right to request the deletion of your personal data according to Art. 17 GDPR and § 35 BDSG.
  • You have the right to request the restriction of the processing of your personal data according to Art. 18 GDPR.
  • You have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used, and machine-readable format and to transfer this data to another controller according to Art. 20 GDPR.
  • If you have given us separate consent to data processing, you can revoke this consent at any time according to Art. 7 para. 3 GDPR. Such a revocation does not affect the lawfulness of the processing carried out based on the consent until the revocation.
  • If you believe that the processing of personal data concerning you violates the provisions of the GDPR, you have the right to lodge a complaint with a supervisory authority according to Art. 77 GDPR.

8. Right to Object

You have the right to object to processing based on Art. 6 para. 1 lit. e or f GDPR for reasons arising from your particular situation according to Art. 21 para. 1 GDPR. If we process personal data about you for direct marketing purposes, you can object to this processing according to Art. 21 para. 2 and 3 GDPR.

9. Data Protection Officer

You can reach our data protection officer at the following contact details:

Email: datenschutzbeauftragter@fobizz.com
Herting Oberbeck Datenschutz GmbH
Hallerstr. 76, 20146 Hamburg

Startseite

II. Data Processing on Our Website

When using the website, we collect information that you provide yourself. Additionally, certain information about your use of the website is automatically collected during your visit. In data protection law, the IP address is generally considered personal data. An IP address is assigned to every device connected to the internet by the internet provider so that it can send and receive data.

1. Processing of Server Log Files

When you use our website for informational purposes only, general information that your browser transmits to our server is automatically stored (i.e., not through registration). This includes, as a standard: browser type/version, operating system used, the page accessed, the previously visited page (referrer URL), IP address, date and time of the server request, and HTTP status code.

The processing is carried out to protect our legitimate interests and is based on the legal basis of Art. 6 para. 1 lit. f GDPR. This processing serves the technical administration and security of the website. The stored data will be deleted after 190 days unless there is a justified suspicion of unlawful use based on specific indications and further examination and processing of the information is required for this reason. We are not able to identify you as a data subject based on the stored information. Therefore, the rights under Art. 15 to 22 GDPR do not apply according to Art. 11 para. 2 GDPR unless you provide additional information that enables your identification to exercise your rights under these articles.

2. Contact Options and Inquiries

Our website contains contact forms through which you can send us messages. The transfer of your data is encrypted (recognizable by the “https” in the browser’s address line). All fields marked as mandatory are required to process your request. Failure to provide this information will result in us being unable to process your request. Providing additional data is voluntary. Alternatively, you can also send us a message via the contact email. We process the data to respond to your inquiry.

If your inquiry relates to the conclusion or performance of a contract with us, Art. 6 para. 1 lit. b GDPR is the legal basis for data processing. Otherwise, we process the data based on our legitimate interest in contacting inquiring persons. The legal basis for data processing is then Art. 6 para. 1 lit. f GDPR.

3. Newsletter

We offer the option to subscribe to our newsletter on our website. After subscribing, we will regularly inform you about current news regarding our offers. A valid email address is required to subscribe to the newsletter. To verify the email address, you will first receive a registration email, which you must confirm via a link (double opt-in). When you subscribe to the newsletter on our website, we process personal data such as your email address and name based on the consent you have given. The processing is based on the legal basis of Art. 6 para. 1 lit. a GDPR. You can revoke the consent given at any time with effect for the future, for example, via the “unsubscribe” link in the newsletter or by contacting us through the above-mentioned channels. The lawfulness of the data processing carried out based on the consent until the revocation remains unaffected.

When subscribing to the newsletter, we also store the IP address and the date and time of registration. The processing of this data is necessary to be able to prove the consent given. The legal basis arises from our legal obligation to document your consent (Art. 6 para. 1 lit. c in conjunction with Art. 7 para. 1 GDPR).

We also analyze the reading behavior and opening rates of our newsletter. We evaluate the data generated during the delivery and retrieval of our emails in aggregated and anonymized form (delivery rate, opening rate, click rates, unsubscribe rate, bounce rate, visits, completions) to measure the use and success of the emails. The legal basis for analyzing our newsletter is Art. 6 para. 1 lit. f GDPR, and the processing serves our legitimate interest in optimizing our newsletter. You can object to this at any time by contacting one of the above-mentioned contact channels.

Furthermore, we also evaluate the data generated during the retrieval and use of these emails by you (opening time, clicked hyperlinks, downloaded documents) and movement data on downstream websites in connection with your email address to provide you with individualized information in the future that best considers your interests and needs. We use the collected anonymous and personal data to provide you with personalized content and individualized information in our promotional emails and downstream websites. The legal basis for data processing in the context of emails is Art. 6 para. 1 lit. a GDPR. You can revoke the consent given at any time with effect for the future, for example, via the “unsubscribe” link in the newsletter or by contacting us through the above-mentioned channels.

4. Cookies

We use cookies and similar technologies (“cookies”) on our website. Cookies are small data sets stored by your browser when you visit a website. This marks the browser used and can be recognized by web servers. You have full control over the use of cookies through your browser. You can delete cookies at any time in your browser’s security settings. You can generally object to the use of cookies through your browser settings or for specific cases.

The use of cookies is partly technically necessary for the operation of our website and therefore permissible without the user’s consent. We may also use cookies to offer special functions and content and for analysis and marketing purposes. These may include cookies from third-party providers (so-called third-party cookies). We only use such technically unnecessary cookies with your consent according to § 25 para. 1 TTDSG and, if applicable, Art. 6 para. 1 lit. a GDPR. Information on the purposes, providers, technologies used, stored data, and the storage duration of individual cookies can be found in the privacy settings of our consent management tool.

Consent can be fully revoked at any time under the “Legal” section in the footer of the website or adjusted under “Change privacy settings.”

5. Consent Management Tool

This website uses the consent management tool Real Cookie Banner from devowl.io GmbH (Germany, EU) to manage cookies and the processing of personal data.

The consent banner allows users of our website to give consent to certain data processing processes or to revoke given consent. By confirming the “I accept” button or saving individual cookie settings, you agree to the use of the associated cookies. The legal basis for data protection is your consent according to Art. 6 para. 1 lit. a GDPR.

The banner also helps us to provide proof of the declaration of consent. For this purpose, we process information about the declaration of consent and other log data related to this declaration. Cookies are also used to collect this data. The processing of this data is necessary to be able to prove the consent given. The legal basis arises from our legal obligation to document your consent (Art. 6 para. 1 lit. c in conjunction with Art. 7 para. 1 GDPR).

6. Google Analytics

We use the Google Analytics service from Google Ireland Limited (Ireland, EU) on our website.

Google Analytics is a web analytics service that allows us to collect and analyze data about user behavior on our website. Google Analytics enables us to measure interaction data from various devices and sessions. This allows us to put individual user actions into context and analyze long-term relationships.

Google Analytics uses cookies to enable the analysis of the use of our website. Personal data in the form of IP addresses, device identifiers, and information about the interaction with our website are also processed. Some of this data is information stored on your device. Additionally, further information is stored on your device through the cookies used.

Google Ireland will process the data collected in this way on our behalf to evaluate the use of our website by users, compile reports on activities within our website, and provide us with other services related to the use of our website and internet usage. Pseudonymous user profiles of users can be created from the processed data.

The setting of cookies and the further described processing of personal data take place with your consent. The legal basis for data processing in connection with the Google Analytics service is therefore Art. 6 para. 1 lit. a GDPR. You can revoke this consent at any time with effect for the future through our consent management tool.

We use Google Analytics only with activated IP anonymization. This means that the IP address of users is shortened by Google Ireland within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. The IP address transmitted by the user’s browser will not be merged with other data. The shortening of the IP address takes place on servers in the EU.

Data on user actions is stored for a duration of 2 months and then automatically deleted. The deletion of data whose storage period has expired takes place automatically once a month.

We also use Google Analytics advertising features (remarketing). This function allows us to display ads more targeted and present users with interest-based ads in connection with the cross-device functions of Google. Through remarketing, users are shown ads and products for which interest has been identified on other websites in the Google network. Through the function, we can link advertising target groups created through Google Analytics remarketing with the cross-device functions of Google Ads. This way, interest-based, personalized advertising messages that have been tailored to a user based on their previous usage and surfing behavior on one device (e.g., mobile phone) can also be displayed on another device of the user (e.g., tablet or PC).

If you have given the corresponding consent, Google will link your web and app browsing history with your Google account for this purpose. This way, the same personalized advertising messages can be displayed on any device you log in to with your Google account. The summary of the collected data in your Google account takes place exclusively based on your consent, which you can give or revoke at Google. For these linked services, data is collected for advertising purposes through Google Analytics. To support the remarketing function, Google Analytics collects the google-authenticated IDs of users, which are temporarily linked to our Google Analytics data. This serves to define and create target groups for cross-device advertising.

Further information on how data from websites or apps is used by Google for advertising purposes can be found in Google’s notes at: www.google.com/policies/technologies/ads/.

7. Google Ads

We use the online advertising program Google Ads from Google Ireland Limited (Ireland, EU) on our website, through which we place advertisements on the Google search engine. If you access our website via a Google ad, Google sets a cookie on your device (“conversion cookie”). Each Google Ads customer is assigned a different conversion cookie, so the cookies cannot be tracked across the websites of different Ads customers. The information obtained with the help of the cookie is used to create conversion statistics. This way, we learn the total number of users who clicked on one of our Google ads. However, we do not receive any information that allows users to be personally identified.

The processing of your data is based on your consent according to Art. 6 para. 1 lit. a GDPR.

The setting of cookies takes place with your consent, which you can revoke at any time with effect for the future through the consent management tool. When using the service, a transfer of your data to the USA cannot be excluded. Please note the information in the section “Data Transfer to Third Countries.” Further information on data protection at Google can be found in Google’s privacy notices at https://policies.google.com/privacy#infocollect.

8. Meta Pixel

We use the Meta Pixel, a Meta Business Tool from Meta Platforms Ireland Limited (Ireland, EU), on our website. Information on the contact details of Meta Platforms Ireland Ltd. and the contact details of the data protection officer of Meta Platforms Ireland Ltd. can be found in the data policy of Meta Platforms Ireland Ltd. at https://www.facebook.com/about/privacy.

The Meta Pixel is a JavaScript code snippet that allows us to track the activities of visitors on our website. This tracking is called conversion tracking. The Meta Pixel collects and processes the following information (so-called event data):

  • Information about actions and activities of visitors on our website, such as searching for and viewing a product or purchasing a product;
  • Specific pixel information such as the pixel ID and the Facebook cookie;
  • Information about buttons clicked by visitors on the website;
  • Information contained in HTTP headers, such as IP addresses, information about the web browser, the location of the page, and the referrer;
  • Information about the status of ad tracking deactivation/restriction.

Some of this event data is information stored on your device. Additionally, cookies are used by the Meta Pixel to store information on your device. Such storage of information by the Meta Pixel or access to information already stored on your device only occurs with your consent according to § 25 para. 1 TTDSG.

The event data collected via the Meta Pixel is used for targeting our ads and improving ad delivery on Meta products such as the social media platforms Facebook and Instagram, personalizing features and content, and improving and securing Meta products. For this purpose, the event data collected on our website via the Meta Pixel is transmitted to Meta Platforms Ireland Ltd. This collection and transmission of event data is carried out by us and Meta Platforms Ireland Ltd. as joint controllers. We have entered into an agreement with Meta Platforms Ireland Ltd. on joint processing, which sets out the distribution of data protection obligations between us and Meta Platforms Ireland Ltd. In this agreement, we and Meta Platforms Ireland Ltd. have agreed, among other things,

  • that we are responsible for providing you with all information according to Art. 13, 14 GDPR about the joint processing of personal data;
  • that Meta Platforms Ireland Ltd. is responsible for enabling the rights of data subjects according to Art. 15 to 20 GDPR concerning the personal data stored by Meta Platforms Ireland Ltd. after the joint processing.

You can access the agreement between us and Meta Platforms Ireland Ltd. at https://www.facebook.com/legal/controller_addendum.

For the subsequent processing of the transmitted event data, Meta Platforms Ireland Ltd. is solely responsible. Further information on how Meta Platforms Ireland Ltd. processes personal data, including the legal basis on which Meta Platforms Ireland Ltd. relies and the options for exercising your rights against Meta Platforms Ireland Ltd., can be found in the data policy of Meta Platforms Ireland Ltd. at https://www.facebook.com/about/privacy.

We have also commissioned Meta Platforms Ireland Ltd. to create reports on the effectiveness of our advertising campaigns and other online content (campaign reports) and to provide analyses and insights about users and their use of our website, products, and services (analyses) based on the event data collected via the Meta Pixel. For this purpose, we transmit personal data contained in the event data to Meta Platforms Ireland Ltd. The transmitted personal data is processed by Meta Platforms Ireland Ltd. as our processor to provide us with the campaign reports and analyses.

The collection and transmission of personal data by us to Meta Platforms Ireland Ltd. and the commissioned processing of personal data by Meta Platforms Ireland Ltd. to create analyses and campaign reports only take place if you have previously given your consent. The legal basis for the processing of personal data is therefore Art. 6 para. 1 lit. a GDPR.

9. YouTube

We use the YouTube service from Google Ireland Limited (Ireland, EU) on our website to embed videos. For such embedding, processing of your IP address is technically necessary to send the content to your browser. Your IP address is therefore transmitted to Google, and Google may set its own cookies. We use YouTube in “enhanced privacy mode,” so no cookies are set by YouTube to analyze user behavior.

The processing of your data is based on your consent according to Art. 6 para. 1 lit. a GDPR. Your consent is managed through our consent management and can be revoked at any time.

When using the service, a transfer of your data to the USA cannot be excluded. Please note the information in the section “Data Transfer to Third Countries.” Further information on data protection at Google can be found in Google’s privacy notices at https://www.google.com/policies/privacy.

10. Vimeo

We use the Vimeo service from Vimeo, Inc. (USA) on our website to embed videos. For such embedding, processing of your IP address is technically necessary to send the content to your browser. Your IP address is therefore transmitted to Vimeo, and Vimeo may set its own cookies.

The processing of your data is based on your consent according to Art. 6 para. 1 lit. a GDPR.

When using the service, a transfer of your data to the USA cannot be excluded. Please note the information in the section “Data Transfer to Third Countries.” Further information on data protection at Vimeo can be found in Vimeo’s privacy notices at https://vimeo.com/privacy.

III. Data Processing on Our Social Media Pages

We are represented on several social media platforms with a company page. This allows us to provide additional opportunities for information about our company and for exchange. Our company has company pages on the following social media platforms:

  • Facebook by Meta Platforms Ireland Limited (Ireland, EU), hereinafter “Meta”;
  • Instagram by Meta Platforms Ireland Limited (Ireland, EU), hereinafter “Meta”;
  • LinkedIn by LinkedIn Ireland Unlimited Company (Ireland, EU), hereinafter “LinkedIn”;

When you visit or interact with a profile on a social media platform, personal data about you may be processed. The information associated with a used social media profile regularly constitutes personal data. This includes messages and statements made using the profile. Additionally, certain information is often automatically collected during your visit to a social media profile, which may also constitute personal data.

1. Visiting a Social Media Page

When you visit our social media page, through which we present our company or individual products from our range, certain information about you is processed. The sole controller for this processing of personal data is the operator of the social media platform. Further information on the processing of personal data can be found in their privacy policies, which we link to below:

  • Meta (https://www.facebook.com/privacy/explanation). Meta offers the option to object to certain data processing; relevant information and opt-out options can be found at https://www.facebook.com/settings?tab=ads;
  • LinkedIn (https://www.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy)

The operators of the social media platforms collect and process event data and profile data and provide us with anonymized statistics and insights for our pages, which help us gain insights into the types of actions people take on our page (so-called “page insights”). These page insights are created based on certain information about people who have visited our page. This processing of personal data is carried out by the social media operators and us as joint controllers. The processing serves our legitimate interest in evaluating the types of actions taken on our page and improving our page based on these insights. The legal basis for this processing is Art. 6 para. 1 lit. f GDPR.

We cannot assign the information obtained through the page insights to individual user profiles that interact with our pages. We have entered into agreements with the operators of the social media platforms on joint processing, which set out the distribution of data protection obligations between us and the operators. Details on the processing of personal data to create page insights and the agreements concluded between us and the operators can be found at the following links:

  • Meta (https://www.facebook.com/legal/terms/information_about_page_insights_data);
  • LinkedIn (https://legal.linkedin.com/pages-joint-controller-addendum);

You have the option to assert your rights against the operators as well. Further information can be found at the following links:

  • Meta (https://www.facebook.com/privacy/explanation);
  • LinkedIn (https://www.linkedin.com/help/linkedin/ask/PPQ?lang=de);

We have agreed with Meta and LinkedIn that the Irish Data Protection Commission is the lead supervisory authority overseeing the processing for page insights. You always have the right to lodge a complaint with the Irish Data Protection Commission (see www.dataprotection.ie) or any other supervisory authority.

2. Communication via Social Media Pages

We also process information you provide to us via our company page on the respective social media platform. Such information may include the used username, contact details, or a message to us. These processing operations are carried out by us as the sole controller. We process this data based on our legitimate interest in contacting inquiring persons. The legal basis for data processing is Art. 6 para. 1 lit. f GDPR. Further data processing may occur if you have consented (Art. 6 para. 1 lit. a GDPR) or if it is necessary to fulfill a legal obligation (Art. 6 para. 1 lit. c GDPR).

IV. Further Data Processing

1. Use of Email Address for Marketing Purposes

We may use the email address you provided during registration to inform you about our own similar products and services.

The legal basis is Art. 6 para. 1 lit. f GDPR in conjunction with § 7 para. 3 UWG. You can object to this at any time without incurring any costs other than the transmission costs according to the basic rates. To do so, you can unsubscribe by clicking the unsubscribe link in each mailing.

Version: 1.0, April 2024