Data privacy policy

We appreciate your interest in our website and in our products and services for secure identification in the home office. We take the protection of your personal data very seriously and would therefore like to inform you in this privacy policy both about the processing of your data in the context of this website and when contacting us, as well as inform you about your rights.

1. General notes

The following information provides a simple overview of what happens to your personal data when you visit our website or get in touch with us. Homebase solutions GmbH would like to inform you about the scope and purpose of the collected, used and processed data about you and would like to make you aware of your rights.

We always strive to design our internal processes in such a way that the processing of personal data under our responsibility is carried out in accordance with the applicable data protection regulations and that the rights of data subjects are guaranteed. When you use this website, various personal data will be collected. Personal data is all data with which you can be personally identified. This privacy statement explains the processing of this data, in particular what data we collect and what we use it for. It also explains how and for what purpose this is done.

Index of contents

1. General notes
2. Obligation to inform data subjects
3. Mandatory information on the responsible body
3.1. Name and address of the responsible body
3.2. Data protection officer
4. Definitions
5. Significant legal basis for processing
6. Processing of personal data, purposes, storage and deletion
6.1.Types of business-related data processed
6.2.Categories of affected persons
6.3.Purposes of processing
6.4.Storage of data
6.5.Erasure and restriction of processing of personal data
7. Handling of contact data
7.1.Sending e-mails for contact
7.2.Contact form
8. Data collection at the web server operator
9. Online use of third-party providers
9.1.Amazon CloudFront
9.2.Embed.ly
9.3.Webflow.com
9.4.Website Fonts
9.5.Google Tag Manager
10 Analysis of website usage and ads conversion
10.1.Analysis of website usage (Google Analytics)
10.2.Ads Conversion
11. Cookies
11.1.Cookie Processing
11.2.Overview of Cookies
12. YouTube
13. Application documents
14. Rights of the data subject
14.1.Right of access
14.2.Right to rectification and completion
14.3.Right to erasure and restriction of processing
14.4.Right to data portability
14.5.Right of withdrawal
14.6.Right to object
14.7.Right to lodge a complaint
14.8.Applicable national legislation
14.9.Claiming the rights of persons concerned
14.10.Procedure for requests
15. Online appearances in social networks
15.1.Explanations on the use and deployment of LinkedIn
15.2.Explanations on the use and deployment of Xing
16 Applicability
17. Automated decision-making
18. Security / Secure data transmission
19. Cooperation with processors and third parties
20. Updating the privacy policy

2. Obligation to inform data subjects

With the following text, we inform you in detail about the handling of your data, which you leave behind – knowingly or unknowingly – when you visit our website or contact us via an Internet connection. We would like to inform you of the circumstances in which information is collected from you, how it is handled and to whom it may be made available. We explain to you which data we collect, what we use it for and how and for what purpose this is done. Furthermore, as a data subject, you will be informed about your rights by means of this data privacy policy.

3. Mandatory information on the responsible body

3.1. Name and address of the responsible body

The controller within the meaning of the General Data Protection Regulation, other data protection laws applicable in the Member States of the European Union and other provisions of a data privacy nature is:
homebase solutions GmbH
Schwanthalerstr. 13D - 80336 München
represented byMr. Christoph Giese, Mr. Matthias Röbel
Telefon: +49 (0) 89 38859000
E-Mail:   info@homebase-solutions.com
You can find information about our imprint via the following link www.homebase-solutions.com/imprint.

3.2. Data protection officer

We have appointed a data protection officer for our company.Lutz Josef Schmid
Schmid Datensicherheit GmbH
Heidestraße 4
D - 92637 Weiden / Opf.
Telefon: +49 (0) 961/4712941

If you would only like to contact the data protection officer of homebase solutions GmbH about data privacy issues by e-mail, please send your request to: dsb.homebase-solutions@schmid-datensicherheit.de.

If you would like to contact homebase solutions GmbH directly regarding data privacy issues by e-mail, please send your request to: privacy@homebase-solutions.com.

4. Definitions

The privacy policy of the homebase solutions GmbH is based on the terms used for the adoption of the General Data Protection Regulation (GDPR). For a complete overview of the terminology used, such as “cross-border processing” or “processor”, we refer to the definitions in Art. 4 of the GDPR. Our privacy policy should be easy to read and understand. In order to ensure this, we would like to explain in advance the most important, explicitly used terms.

In this data protection declaration, we use the following terms:

a) personal data
The data subject is any identified or identifiable natural person whose fundamental rights and freedoms, and in particular their right to the protection of personal data, may be affected by the processing and free movement of such data.

b) data subject
Data subject means any identified or identifiable natural person whose fundamental rights and freedoms, and in particular whose right to the protection of personal data, may be affected by the processing and free movement of such data.

c) processing
Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

d) controller or authority responsible for the processing
Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

e) recipient
Recipient means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data under a specific investigation mandate under Union or Member State law shall not be regarded as recipients. The processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.

f) third party
Third party means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

g) consent
Consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

h) processor
Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

6.2. Categories of affected persons

The following categories of data subjects may be collected by the data processing described here:
- Visitors and users of this online offer
- Interested parties who come into contact with us
- Existing customers who inform themselves or get in touch with us
- People who use our services

In the context of this privacy policy, the data subjects are collectively referred to as “users”.

6.3. Purposes of processing

The following list describes the purposes of the processing of personal data in connection with the data processing described here and the necessary information and services:
- Provision of the online offer, its functions and contents
- Answering contact requests and communication with users, customers and interested parties
- Provision of contractually agreed services
- Marketing and customer consultingSecurity measures

We will collect, process and use the personal data you provide online only for the purposes we have informed you about.

The collection, processing and use may also take place for a purpose that is directly related to the original purpose for which the personal data was collected. Personal data may also be processed for the purpose of investigating specific incidents, for inspection purposes, for statistical purposes and for billing purposes, with the data being anonymized or pseudonymized as far as possible.

Furthermore, personal data may be collected on the basis of legal obligations or an administrative or judicial order, or to justify or protect legal claims or to prevent illegal activities.

We will not sell or market your personal data to third parties, nor will we disclose your personal data beyond the data transmissions described here for any other reason.

6.4. Storage of data

We store the respective categories of personal data as long as they are necessary for the processing of the individual operation, are required for the purpose of processing and are based on a legal basis or if this is required by applicable legislation. Numerous retention periods require that data remain (must) be stored. This applies in particular to commercial or tax retention obligations (e.g. Commercial Code, Tax Code, etc.). If there are no further retention obligations, the data will be routinely deleted after the purpose of processing has been achieved.

Furthermore, we may store data if you have given us your permission to do so or if legal disputes arise and we use evidence for this within the scope of statutory limitation periods.

6.5. Erasure and restriction of processing of personal data

The data we process will be erased, blocked or restricted in its processing in accordance with Articles 17 and 18 of the GDPR. As soon as personal data is no longer necessary for its intended purpose or as soon as a prescribed storage period has expired in accordance with the statutory retention obligations, the personal data are routinely blocked or deleted in accordance with the statutory regulations. If the data are not deleted because they are necessary for other and legally permissible purposes, their processing will be restricted. This means that the data will be blocked and not processed for other purposes. This applies, for example, to data that must be kept for commercial or tax reasons.

According to the legal requirements in Germany, the retention is for a period of 6 years in accordance with Section 257(1) of the German Commercial Code (commercial books, opening balance sheets, annual accounts, inventories, commercial letters, accounting documents, etc.) and for a period of 10 years in accordance with § 147(1) AO (General Fiscal Law) (such as books, accounting documents, records, management reports, commercial and business letters, documents relevant for taxation, et cetera).

7. Handling of contact data

Personal data is collected and stored by us when you provide it to us on your own initiative, for example when you contact us. If this concerns information about communication channels (e.g., e-mail address, telephone number), you also agree that we may contact you via this communication channel in order to process and answer your request. This information is communicated explicitly on a voluntary basis and with your consent. Of course, we will use the personal data transmitted to us in this way exclusively for the purpose for which you make it available to us when you contact us. This data will not be passed on to other third parties.

If you contact us by post, we may in particular process your address data (e.g., name, first name, street, place of residence, zip code), date and time of arrival of the letter, as well as the data resulting from your writing. If you contact us by phone, we will process your phone number, as well as any data collected during the conversation, such as your name, email address, time of call and details of your request.

7.1. Sending e-mails for contact

If you contact us via the above e-mail contact details of the responsible body or via the e-mail addresses mentioned on this website, we will also communicate with you by e-mail. The data you provide as part of this email communication will be processed via the mail servers of the service provider Hetzner Online. Hetzner Online GmbH, Industriestr. 25, D-91710 Gunzenhausen, Germany, is commissioned for the processing of personal data. Further information can be obtained from the data protection notice of the service provider Hetzner Online at Data Policy.

A transfer to third parties outside our network does not take place. A revocation regarding the use of your e-mail address is possible at any time for the future.Please note that e-mails sent without additional protective measures are neither secured against third-party knowledge nor against any alteration. This concerns both the communication partners and the content of the e-mail. If you want to provide us with confidential information, we recommend that you use alternative means of transmission, e.g., our contact form.

Homebase solutions GmbH will not send you any e-mails unsolicited. Should you receive e-mails with alleged sender address from our company that you cannot assign, it is most likely that they are forgeries (so-called fake e-mails) and you should delete them.

7.2. Contact form

If you send us inquiries via contact form, the information you provide in the inquiry form, including the contact data you enter there, will be stored by us for the purpose of processing the request and in case of follow-up questions. This data is transmitted via systems of the web server and mail server operator (see information about e-mail dispatch and the web server operator). We will not pass on this data without your consent. The processing of the data entered in the contact form takes place only on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time. Your contact details will be stored at least until your request has been completed and then deleted. In the event of a legal provision (e.g., contract of sale), your data will be stored in accordance with the statutory time limit.

The data entered by you in the contact form remains with us until you request us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g., after your request has been processed). Your entered data are also processed at the web server operator and the e-mail service provider. Fro more information see paragraph above and the following chapter. An informal message by e-mail to us is sufficient for the revocation or deletion. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation. Mandatory statutory provisions – in particular retention periods – remain unaffected.

8. Data collection at the web server operator

The web server operator – also called web hosting provider – provides access to the website and the web pages of homebase solutions GmbH on the Internet. The provider’s IT system automatically collects data about every access to this website (so-called server log files). Every visit to our website is therefore logged.

The data collection with the server operator is carried out with the following purpose limitation:
- detection of and protection against all kinds of cyberattacks (system security);
- maintaining the operational state of operation (smooth connection establishment and convenient use of the website);
- monitoring the functionality of server systems (system stability).

Scope of data collection and storage at the web server operator:
With each access to a page from the website of homebase solutions GmbH and every time a file is retrieved, the web hosting provider stores data about this process in the server log files – also called logging. In particular, the following dataset is saved via each retrieval:
- name of the retrieved file
- date and time of retrieval
- volume of data transferred
- message if the retrieval was successful

In the server log files, the web hosting provider additionally stores information that your browser automatically transmits to the web server for technical reasons. These are:
- browser type, version of the browser software, language of the browser
- operating system used
- referrer URL (the previously visited page)
- host name of the requesting device (IP address)
- time of server request

he web server operator uses the log data only for statistical evaluations for the purposes mentioned above. However, the web server operator reserves the right to retrospectively check the log data if there is a legitimate suspicion of illegal use on the basis of concrete indications. Personal storage of this data does not take place. This data will not be merged with other data sources. Your IP address will be deleted promptly by the web server operator in accordance with the legal requirements (at the latest after 7 days) or anonymized by shortening the IP address at domain level.We cannot conclude from the IP address you currently use, as this data would not be transmitted to us by your provider on request. We cannot – and do not want – understand which user has retrieved which data. The aforementioned data will not be passed on to third parties, even in excerpts, or in combination with other data.For the provision of our website, the web hosting provider is .webflow GmbH, Wasserburger Straße 4, 83352 Altenmarkt a. d. Alz, Germany. For further information, please refer to the privacy policy of the provider .webflow at this site.

The legal basis for the processing of this data is our legitimate interest in providing the website for our services (Art. 6 para. 1 lit. f GDPR). Processing is a mandatory requirement for the use of our website, therefore there is no right to object.

9. Online use of third-party providers

Third-party providers whose functions and content are integrated into our website and commissioned by us, process various data directly in your browser or on your device when providing these contents or functions. For example, for the execution of a service of a provider, your IP address may be transmitted. Without knowledge of this IP address, the information presented by the providers cannot be sent and displayed to your browser. The IP address is therefore required for the transmission of this content. When you visit our website, we do not link your interactions with information that makes it possible to identify individuals directly. The use of third-party providers is based on our legitimate interests for a high-performance and user-friendly design of the content and operation of our website. For individual third-party providers, the legal basis is named in the respective subchapter below.

9.1. Amazon CloudFront

We integrate static and dynamic web content through the Amazon CloudFront web service to deliver our content faster. CloudFront accelerates the distribution of content by forwarding each user request through the AWS backbone network to the Edge location, which is the best way to deliver the content. The responsible body is Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy L-1855, Luxemburg.

The purpose and scope of the data collection through the further processing and use of the data by the aforementioned service provider as well as your rights in this regard can be found in the respective data protection regulations of the service provider: aws.amazon.com/privacy

9.2. Embed.ly

Embed.ly provides tools and interfaces that we use to integrate our media content into our website, especially for YouTube. With Embed.ly, we set up a so-called Content Delivery Network (CDN) to improve the display and loading times of the content, e.g., through image optimization. Responsible body is A Medium Corporation, 799 Market Street, 5th floor, San Francisco, CA 94103, California, USA. It cannot be excluded that information may be transmitted to a server in the USA.

The purpose and scope of the data collection through the further processing and use of the data by the aforementioned service provider as well as your rights in this regard can be found in the respective data protection regulations of the service provider: embed.ly/legal/privacy.

9.3. Webflow.com

Webflow makes it possible to create professional and custom websites with easy-to-realizable integration of diverse content and high flexibility in terms of custom code. Webflow is used by us as a so-called content management system (CMS). The responsible body is Webflow, Inc., 398 11th St, San Francisco, California, USA.

The purpose and scope of the data collection through the further processing and use of the data by the aforementioned service provider as well as your rights in this regard can be found in the respective data protection regulations of the service provider: webflow.com/legal/eu-privacy-policy (for the EU) or webflow.com/legal/privacy (international).

9.4. Website Fonts

This website uses statically integrated web fonts on our web server. Your browser does not connect to an external server for loading these font files (as cascading style sheets). When accessing one of our websites, your browser loads the required web fonts into your browser cache to display texts and fonts correctly. If your browser does not support web fonts, a default font installed on your computer will be used.

9.5. Google Tag Manager

This website uses Google Tag Manager, provided you have consented to the use of the Google Tag Manager. Google Tag Manager is a Google tool for managing and configuring the collection and usage of data when browsing our website. The corresponding settings are set in our website. As soon as the Google Tag Manager is executed, at least your IP address can be forwarded to Google. Provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and for Europe it is Google Ireland Limited („Google“), Gordon House, Barrow Street, Dublin 4, Ireland.

The Google Tag Manager processes information (including privacy data) by using so-called tags and triggers. Tags are information embedded in a website and evaluated by other services. Triggers are events that trigger the activation of tags, e.g., when a user clicks on an active element or scrolls the website. The Google Tag Manager makes the relevant data available to other Google services and the Google analysis tool in an appropriate form. It cannot be excluded that Google also transmits the information to a server in a third country. General information about the Google services can be found in Google’s privacy policy, further information on Google Tag Manager can also be found at the site. In the context of processing to be carried out on behalf of a controller, Google is entitled to contract subcontractors. A list of these subcontractors can be found here.

10. Analysis of website usage and ads conversion

This website uses functions for analyzing and statistically evaluating the usage of our website. Web analysis is the collection, accumulation and evaluation of data about the behavior of visitors to websites. The analysis is used to record which individual subpages of the website have been accessed or how often and for which duration a subpage was viewed. Web analysis is used by us to optimize our Internet pages and for the cost-benefit analysis of Internet advertising. This enables us to design our website adapted to customer behavior.

There is currently no adequacy decision pursuant to Art. 45 GDPR for the use of Google Analytics. However, transmission may be based on standard contractual clauses. Google has committed itself to comply with the standard contractual clauses for the transfer of personal data to third countries in accordance with Article 46 para. 2 lit. d (Standard Contractual Clauses — SCC). For more information on the standard contractual clauses, see ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en and Google Policies

10.1. Analysis of website usage (Google Analytics)

By integrating Google Analytics, we pursue the purpose of analyzing user behavior on our website and being able to react to this. This allows us to continuously improve our information for you and our product offering.The analysis is done with the help of the Google Tag Manager. In this process, the cookies typical for Google Analytics are set. Data generated by Google functions (services) and data from cookies can be transferred from your browser to a Google server. The Google services are provided by Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA („Google“). Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland is authorized for the processing of data in Europe. For more information on the handling of user data and its analysis at Google, please refer to Google’s privacy policy

Consent to data processing

Before using the analysis, we obtain your permission to process cookies and to use the analysis service in the displayed consent window. In doing so, we comply with the data protection authorities’ requirements for consent when using analytics services and the setting of cookies by these services.

Browser configuration and Browser-Plugin

You can minimize or prevent the transfer of personal information to Google by appropriate settings in your browser or through the use of special plugins for your browser, with which you can, for example, prevent the setting of cookies. For details on cookies, please refer to the next chapter.

Objection to data collection

You can prevent the collection of your data by Google Services by clicking on the following link. An opt-out cookie is set to prevent the collection of your data during future visits to this website: tools.google.com/dlpage/gaoptout?hl=de.

IP anonymization

We use the function “IP anonymization” on this website for analysis by Google. This means that your IP address is shortened before processing within member states of the European Union or in other contracting states to the Agreement on the European Economic Area.

10.2. Ads Conversion

Homebase solutions GmbH places advertisements on the social network LinkedIn. In order to evaluate this measure, the so-called ads conversion is used. A script from LinkedIn (LinkedIn conversion tracking) is loaded for this purpose. LinkedIn conversion tracking is used to track visitors that are redirected from LinkedIn ads (or the LinkedIn company profile).

By evaluating the information provided by LinkedIn, it is clear to us that someone clicked on the ad and was forwarded to our website. This information does not contain any personal data and is therefore not used for personal identification. We analyze the effectiveness of advertising measures only through statistical evaluation of non-personal data.

The LinkedIn conversion tracking service is provided by LinkedIn Corporation, 605 W Maude Ave, Sunnyvale, CA 94085, California, USA. LinkedIn EMEA HQ, 2 Wilton Plaza, Dublin 2, Ireland is authorized for the processing of data in Europe. For more information on the handling of user data and its analysis at Google, please refer to LinkedIn’s privacy policy.

11. Cookies

This website stores cookies on your computer system via the Internet browser you use. Cookies are small text files that are transferred and stored by a website via an Internet browser on a computer system – the user’s device. Numerous websites and servers use cookies. Cookies do not cause damage to your computer and do not contain viruses.

So-called http cookies (also “browser cookies”) have a name and a corresponding value (content) and are assigned to the visited website or a service used on this website. These cookies are either deleted automatically when the browser is closed (so-called “transient” cookie) or have a defined expiry date (so-called “persistent cookie”). Many cookies contain a unique identifier as a value. Such cookies contain a so-called cookie ID. The cookie ID consists of a string through which websites and servers can be assigned to the specific Internet browser in which the cookie was stored. This enables the visited websites and servers to distinguish the individual browser of the data subject from other Internet browsers that contain other cookies. 

A specific Internet browser can be recognized and identified via the unique cookie ID.

This website uses cookies to make the website more user-friendly and functional. We also use cookies to statistically gather the range of our advertising activities. Thanks to these files, for example, it is possible to store certain settings and data via your browser for exchange with our system and thus display information tailored to individual interests on a web page. By means of information stored in cookies, the loading time of the website can be shortened. Security-relevant functions to protect your privacy are also made possible by the use of cookies. One purpose is therefore to best adapt our offer to your customer’s wishes and to make the use of the page as comfortable as possible. We also use cookies for analysis and for statistical evaluation of the use of our websites. In accordance with the GDPR, we are obliged to inform our users about the collection and evaluation of such data. The legality of the processing is already described in the chapter “Significant legal basis for processing”. The legal basis for technically necessary cookies is Art. 6 para. 1 lit. f GDPR regarding our interest in a proper presentation of the website and the Protection of Privacy in Telecommunications and Telemedia (§ 25 para. 2 No. 2 Telekommunikation-Telemedien-Datenschutz-Gesetz (TTDSG)). The legal basis for technically necessary cookies is Art. 6 para. 1 lit. a GDPR (user consent) and the Protection of Privacy in Telecommunications and Telemedia (§ 25 para. 1 Telekommunikation-Telemedien-Datenschutz-Gesetz (TTDSG)).

11.2. Overview of Cookies

When visiting our website and especially when visiting further links, various cookies can be placed on your system. The following list shows an overview of the cookies we directly influence, which are displayed in the cookie banner described above or can be selected and unselected.

Google may set cookies via partner companies, such as DoubleClick. For more information, please visit this site. If you wish to disable DoubleClick cookies on your browser please visit this website

Essential (not deselectable) cookies
Essential cookies enable basic functions and are necessary for the proper functioning of the website.
1.
Cookie name: Cookie-Consent
Name: Cookiebot Cookie
Vendor: Owner of this website
Purpose: Stores the user's cookie consent state for the current domain.
Validity Period: approx. 1 year 
2.
Cookie name: li_gc
Name: LinkedIn tracking conversion consent cookie
Vendor: linkedin.com
Purpose: Stores the user's cookie consent state for the LinkedIn tracking conversion.
Validity Period: approx. 2 years 
3.
Cookie name: CONSENT
Name: Youtube consent cookie
Vendor: youtube.com
Purpose: Stores the user's cookie consent state for playing Youtube videos.
Validity Period: approx. 2 years 


Statistics Cookies
Statistics cookies help us understand how our visitors use our website. The statistics information is collected with a partially anonymized IP address.
1.
Cookie name: _ga
Name: Google analytics 
Vendor: Google LLC
Purpose: These cookies from Google for website analyses contain a randomly generated user ID. With this ID, Google Analytics can recognize recurring users on this website and merge the data from previous visits.
Validity Period: approx. 2 years 
2.
Cookie name: _gid
Name: Google analytics 
Vendor: Google LLC
Purpose: These cookies from Google for website analyses contain a randomly generated user ID. With this ID, Google Analytics can recognize recurring users on this website and merge the data from previous visits.
Validity Period: approx. 1 day
3. 
Cookie name: _gat_gtag...
Name: Google analytics 
Vendor: Google LLC
Purpose: This cookie is used to optimize information forwarding to Google and to reduce the amount of data transmitted.
Validity Period: approx. 1 minute 
4.
Cookie name: collect
Name: Google analytics 
Vendor: Google LLC
Purpose: Used to send data to Google Analytics about the visitor's device and behavior. Tracks the visitor across devices and marketing channels.
Validity Period: until end of session
5.
Cookie name: AnalyticsSyncHistory
Name: Google analytics 
Vendor: Google LLC
Purpose: Used in connection with data-synchronization with third-party analysis service.
Validity Period: approx. 29 days 

Conversion tracking (LinkedIn) cookies
These cookies support the measurement of click data so that conversions can be captured effectively.
1.
Cookie name: UserMatchHistory
Name: LinkedIn service usage cookies
Vendor: LinkedIn
Purpose: Used to track visitors on multiple websites, in order to present relevant advertisement based on the visitor's preferences.
Validity Period: approx. 29 days
2.
Cookie name: bcookie
Name: LinkedIn service usage cookies
Vendor: LinkedIn
Purpose: Used by the social networking service, LinkedIn, for tracking the use of embedded services.
Validity Period: approx. 2 years
3.
Cookie name: bscookie
Name: LinkedIn service usage cookies
Vendor: LinkedIn
Purpose: Used by the social networking service, LinkedIn, for tracking the use of embedded services.
Validity Period: approx. 2 years
4.
Cookie name: lidc
Name: LinkedIn service usage cookies
Vendor: LinkedIn
Purpose: Used by the social networking service, LinkedIn, for tracking the use of embedded services.
Validity Period: approx. 1 day


LinkedIn Ads Cookies
Language management cookies increase the ease of use of website visitors.
1.
Cookie name: lang
Name: Language selection cookie
Vendor: LinkedIn
Purpose: Remembers the user's selected language version of a website.
Validity Period: until end of session

Google advertising cookies
Advertising support in Google services
1.
Cookie name: ANID
Name: Google ads controlling cookies
Vendor: Google LLC
Purpose: Used for the personalization of advertising.
Validity Period: approx. 13 months or 24 months
2.
Cookie name: NID
Name: Google ads controlling cookies
Vendor: Google LLC
Purpose: Controls the display of Google ads in Google services for unsubscribed users.
Validity Period: approx. 6 months
3.
Cookie name: IDE
Name: Double-Click
Vendor: Google LLC
Purpose: These cookies are set by a third party (DoubleClick) and are used for serving targeted advertisements that are relevant to you across the web. Targeted advertisements may be displayed to you based on your previous visits to this website. For example, advertisements about a topic you have expressed an interest in while browsing our site may be displayed to you across the web. In addition, these cookies measure the conversion rate of ads presented to the user.
Validity Period: approx. 18 months

External Media Cookies
Making Youtube videos available on the website
1.
Cookie name: VISITOR_INFO1_LIVE
Name: Video playback statistics
Vendor: Youtube (Google)
Purpose: Tries to estimate the users' bandwidth on pages with integrated YouTube videos.
Validity Period: 179 days
2.
Cookie name: YSC
Name: Video statistics
Vendor: Youtube (Google)
Purpose: Registers a unique ID to keep statistics of what videos from YouTube the user has seen.
Validity Period: until end of session

Google may set cookies via partner companies, such as DoubleClick. For more information, please visit Google Privacy. If you wish to disable DoubleClick cookies on your browser please visit this website

You can set your browser software so that you are informed about the setting of cookies and allow cookies only in individual cases, exclude the acceptance of cookies in certain cases or generally prevent the storage of cookies and activate the automatic deletion of cookies when closing the browser. How this works in detail can be found in the instructions of your browser manufacturer. However, we would like to point out that in this case you may not be able to make full use of all functions of this website. Stored cookies can be deleted in the browser’s system settings. 

12. YouTube

We use videos made available on YouTube to present and promote our products and present our services. The operator of the YouTube platform is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA, which is a subsidiary of Google (see sections above). The company providing the service in the European Economic Area and Switzerland is Google Ireland Limited, established in Gordon House, Barrow Street, Dublin 4, Ireland. References to YouTube’s “related companies” refer to the companies of the Alphabet Inc. group, USA. Information on data protection when using YouTube can be found at YouTube Privacy.

Links to our YouTube videos on this website lead directly to the presentations preconditioned to your consent. If you are logged in to your YouTube account, YouTube becomes aware of the video you have accessed. YouTube also allows you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.

13. Application documents

The collection and processing of data from your personal application is exclusively for the purpose of filling vacancies in our company. Please note the protection of the confidentiality of your personal data when sending or submitting application documents, such as CV, certificates and cover letter. Applications for applications that did not lead to the recruitment will be deleted 3 months after the end of the application process. If you have given us your consent for further storage, your application documents will be deleted after 12 months. In the case of applications that have led to a recruitment, the documents will be transferred to our staff management. The legal basis for the processing of your personal data during the application process is primarily § 26 BDSG in the version in force from 30 June 2017.

14. Rights of the data subject

Within the framework of the applicable legal requirements, you are entitled to various data protection rights, which are explained in the following subsections.

14.1. Right of access

As a user, you have the right granted pursuant to Art. 15 GDPR para. 1 on your request free of charge to request confirmation as to whether the data concerning you are being processed.

In accordance with Art. 15 GDPR, you have the right to obtain information on your request free of charge about the data processed by us as well as further information and a copy of the data. This relates, inter alia, to the following information:
– the processing purposes; 
– the categories of personal data being processed; 
– the recipients or categories of recipients to whom the personal data have been or are still being disclosed, in particular recipients in third countries or international organizations; 
– if possible, the planned duration for which the personal data is stored, or, if this is not possible, the criteria for determining that period, the existence of a right to rectification or erasure of personal data concerning them or restriction of processing by the controller or a right to object to such processing; 
– the existence of a right to lodge a complaint with a supervisory authority if the personal data are not collected from the data subject: All available information on the origin of the data.

The right of access may be restricted, for example, by trade secrets or if the restriction is necessary for research purposes. In addition, the right of access may be restricted by other applicable laws.

14.2. Right to rectification and completion

In accordance with Art. 16 GDPR, you have the right to request the completion of the data concerning you or the correction of the incorrect data concerning you.

The right to rectification can only be fulfilled in accordance with your request if this does not conflict with a legal obligation to store data (e.g., commercial requirements).

14.3. Right to erasure and restriction of processing

In accordance with Art. 17 GDPR, you have the right to request that data in question be deleted immediately or alternatively to request a restriction or blocking of the processing of the data in accordance with Art. 18 GDPR. An erasure must be carried out if one of the following reasons applies and processing is not necessary:
 – The personal data has been collected for such purposes or otherwise processed for which it is no longer necessary. 
– The data subject revokes his consent on which the processing was based in accordance with Article 6 para. 1 lit. a of the GDPR or Article 9 para. 2 lit. a GDPR, and there is no other legal basis for the processing. 
– The data subject objects to the processing pursuant to Article 21 para. 1 of the GDPR, and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21 para. 2 of the GDPR. 
– The personal data has been processed unlawfully. 
– The erasure of personal data is necessary to fulfil a legal obligation under Union law or the law of the Member States to which the controller is subject. 
– The personal data was collected in relation to information society services offered pursuant to Art. 8 para. 1 GDPR.

The right to erasure can only be fulfilled in accordance with your request if this does not conflict with a legal obligation to retain data (e.g., commercial requirements).

14.4. Right to data portability

You have the right to request the personal data concerning you that you have provided to us in accordance with Art. 20 GDPR and to request their transfer to other controllers or another legal person. We will provide you with the data in a structured, common and machine-readable format (e.g., PDF).

The right to data portability may be restricted, for example, by trade secrets or where the restriction is necessary for research purposes. In addition, the right to data portability may be restricted by other applicable laws.

14.5. Right of withdrawal

You have the right to revoke granted consent pursuant to Art. 7 para. 3 GDPR with effect for the future.

14.6. Right to object

You can object to the future processing of the data concerning you at any time in accordance with Art. 21 GDPR. The objection can be made, in particular, if the processing is based on our legitimate interest (unless we can demonstrate compelling legitimate grounds for the processing).

14.7. Right to lodge a complaint

In accordance with Article 77 of the GDPR, you also have the right to lodge a complaint with the competent supervisory authority, in particular in the Member State of their place of residence, place of work or the place of the alleged infringement, if you, as a data subject, consider that the processing of personal data concerning you violates the GDPR.

14.8. Applicable national legislation

Any other or other rights under the applicable national law shall not be affected by the rights set out in this declaration.

14.9. Claiming the rights of persons concerned

To claim your rights, you can contact us directly at any time via the contact details of the responsible body or the data protection officer (see contact information in the upper part of this declaration).

If you believe that the processing of your data carried out by us violates data protection law or that your data protection claims have otherwise been violated in a way, you can complain to the supervisory authority pursuant to Art. 77 GDPR (in conjunction with § 19 DSAnpUG-EU (BDSG-new)). In Bavaria this is the Bavarian State Office for Data Protection Supervision, Promenade 18, 91522 Ansbach, Germany.

14.10. Procedure for requests

We will usually respond to your request within one month of receipt. In exceptional cases, we may extend this period by 2 additional months after prior notice. If a request from a data subject provides insufficient information to process the request, we reserve the right to request further information from you. If we reject a request or are unable to respond meaningfully, we will justify this matter to the data subject.

15. Online appearances in social networks

Homebase solutions GmbH provides its information on so-called social networks. These appearances are available on LinkedIn und Xing. For this purpose, social media buttons are integrated on our website, which lead to our respective appearances on the social networks. These social media buttons only provide a link to the respective provider. As long as these buttons are not clicked, no data transmission to these providers takes place. Details are explained in the following paragraphs.

A social network is a social meeting place operated on the Internet, an online community that usually allows users to communicate with each other and interact in virtual space. LinkedIn and Xing enable users of the social networks, among other things, to create private profiles, upload photos and network via friendship requests.

Please note that data processing by social networks can take place outside the European Union. We have no influence on the extent of the data that is collected by the operator of the network when visiting our presence in the social networks.

15.1. Explanations on the use and deployment of LinkedIn

Homebase solutions GmbH has an appearance on the social network LinkedIn. LinkedIn is a social network focused on business contacts. The operating company of LinkedIn is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. By visiting our LinkedIn presence while you are logged into your LinkedIn account at the same time, the content of our information can be linked to your LinkedIn profile. As the operator of this appearance, we have no possibility of accessing transmitted data, as well as no knowledge of their content and use by LinkedIn. We have no influence on the extent of the data collected by the use of LinkedIn. If you are not a member of the social network, there is still the possibility that the provider will find out and store your IP address.

The purpose and scope of the data collection by the further processing and use of the data by the aforementioned service provider as well as your rights in this regard can be found in the respective data protection provisions of the service provider: www.linkedin.com/legal/privacy-policy.

15.2. Explanations on the use and deployment of Xing

Homebase solutions GmbH has an appearance on the social network Xing. Xing is a social network with a focus on professional contacts. The operating company of Xing in Germany is New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany. Xing International is based in Spain at XING Spain, Consell de Cent, 334-336, 1º 1ª, 08009 Barcelona, Spain. By visiting our Xing presence while you are logged into your Xing account at the same time, the content of our information can be linked to your Xing profile. As the operator of this appearance, we have no possibility of accessing transmitted data, as well as no knowledge of their content and use by Xing. We have no influence on the extent of the data collected by the use of Xing. If you are not a member of the social network, there is still the possibility that the provider will find out and store your IP address.

The purpose and scope of the data collection by the further processing and use of the data by the aforementioned service provider as well as your rights in this regard can be found in the respective data protection provisions of the service provider: privacy.xing.com.

16. Applicability

This Privacy Policy is intended to inform users of our website publicly about the nature, scope and purpose of the collection and use of personal data by the website operator [homebase solutions GmbH] in accordance with the European General Data Protection Regulation and in accordance with the country-specific data protection regulations and the German Telemedia Act. The website operator takes your data protection very seriously and treats your personal data responsibly and in accordance with legal regulations.

We would like to point out that data transmission through public networks (e.g., when communicating via e-mail on the Internet) may have security vulnerabilities. Complete and consistent protection of the data, in particular metadata from access by third parties, is not possible. For this reason, every data subject is free to transmit personal data to us by alternative means, for example by telephone or by post.

17. Automated decision-making

The secure identification in the home office offered by us as a service is based on an automated procedure for which consent is required. As a responsible company, we do not perform profiling and do not use automatic decision-making except for our services.

18. Security / Secure data transmission

We strive to take technical and organizational security measures to protect your personal data and confidential content against unintentional or unlawful deletion, alteration or loss and against unauthorized disclosure or unauthorized access. This website uses an encrypted connection, which you recognize by the fact that the address line of the browser changes from “http://” to “https://” and that a lock icon is displayed in your browser line. As transport encryption, we offer HTTPS with Perfect Forward Secrecy and a current version of the encryption protocol TLS for our website. We recommend that you keep your Internet browser up-to-date, so that your data is transmitted securely on the route of transport.

19. Cooperation with processors and third parties

If we involve or commission other persons or companies (processors or third parties) in connection with the processing of personal data, this will only be done in accordance with appropriate legal bases. This assignment may include disclosure, transmission or access of or on data based on a legal permission, your consent, a legal or contractual obligation, or on the basis of our legitimate interests. The commission of third parties for the processing of data on behalf is based on order processing contracts in accordance with Art. 28 GDPR.

20. Updating the privacy policy

The ongoing technical development in the area of IT technology and the Internet as well as the continuous improvement of our services may also require an adaptation of the existing data protection declaration. We therefore reserve the right to make additions or changes to this privacy policy in compliance with the applicable data protection regulations.