1. About us
We, Talentry GmbH, are responsible for the collection, processing, and storage of your data. You can obtain our details from our legal notice at any time.
The careful handling of your personal data is of paramount importance to us. In the course of processing, we comply with the statutory provisions, for example, the General Data Protection Regulation (GDPR) and with the national regulations relating thereto.
This data protection policy applies to all websites of our group accessible under our domains (www.talentry.com, www.talentry.de, blog.talentry.com). Where you move to websites of other operators in the course of accessing our offering, the data protection provisions, for the content of which those operators are responsible, apply on those sites.
Since we wish to give you a comprehensive overview of the processing of personal data in our business, you will find below an overview of all our services in the course of which we collect and process personal data.
Where separate or additional conditions apply for individual services or we are asking for consent, we shall inform you specifically in advance of the respective service (for instance for the newsletter or when you are making contact with us).
In addition, we take various security precautions to protect your personal data. This means that the transfer between your web browser and our servers for instance is always transport-encrypted; we also maintain a number of technical and also organisational measures to protect your data constantly.
2. Why we process your data
You can always use our website without revealing your identity. If you register for our newsletter or wish to make contact with us, we ask for your name and other personal information. It is your decision whether you provide this (broader) data. Data that is a mandatory requirement from you in order to provide our services is designated as such.
The collection and processing of your personal data is carried out for the following purposes on the basis of the following legal grounds:
- Contract initiation under Art. 6 1. (a) and (b) GDPR
- Contract performance under Art. 6 1. (b) GDPR
- Client management under Art. 6 1. (b), (c) and (f) GDPR
- Communications and data exchange under Art. 6 1. (a), (b), (c) and (f) GDPR
- External communications and advertising under Art. 6 1. (a) and (f) GDPR
- Implementation of informed consent under Art. 6 1. (a) GDPR
- Securing the proper operation of a data processing system under Art. 6 1. (c) and (f) GDPR
- Applicant selection procedure in the course of personnel and resources administration on the basis of Art. 6 1. (a) and (b) GDPR in conjunction with S.26 new German Federal Data Protection Act
3. Your data that we collect and process
We collect various categories of personal data from you. Personal data means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name. Personal data includes for instance information such as your name, your address, your telephone number, and your date of birth (where provided). Statistical information that cannot be connected to you directly or indirectly – such as for instance the popularity of individual web pages of our offering or the number of users of a page – is not personal data. This includes directly and indirectly collected data. In both cases data are collected only to the extent necessary; the data are processed exclusively for the purposes set out in paragraph 2. Whether you wish to pass data to us that optimise the use of our services for you but that are not necessary for that use, is your decision. Corresponding data fields are designated “voluntary”.
The directly collected data comprise:
- Email address, for instance for the purposes of the newsletter or to make contact using our contact form
- Applicant details to implement our online application procedure
- Data that you pass to us actively and consciously in the course of using our services,
- Further data that you pass to us voluntarily, for instance data fields designated “voluntary” and completed by you
In addition to this during the course of using our services data concerning you are collected indirectly:
- Technical connection data, for instance, the pages of our web offering accessed, your IP address, shortened by the last three numbers, date and time of access, a device used, browser configuration data.
- Data collected in the course of web page tracking and newsletter tracking
Our website is not aimed at underage persons and we also do not knowingly collect the personal data of underage persons.
Where persons under the age of 16 pass personal data to us, this is only permitted where the person with parental authority has him/herself agreed or has approved the agreement of the young person. For this purpose, the contact data of the person with parental authority must be provided to us under Art.8 2. GDPR in order that we may be certain of the consent or the approval of the person with parental authority. These data and the data of the under-age person are then processed in accordance with this data protection policy.
Where we ascertain that an under-age person under 16 years has sent us personal data without the agreement of the person with parental authority or his/her approval of the agreement of the under-age person, the data shall be erased immediately.
4. Who has access to your data and to whom we pass your data
Access to your personal data stored by us is restricted to our employees and to the service providers commissioned by us who need to deal with this personal data to perform their tasks.
If you decide to register through or otherwise grant access to a third-party integrated service such as Google or Microsoft, Talentry may also collect Personal Information that is already associated with your integrated service account. You may also have the option of sharing additional information with Talentry.
If you decide to use Talentry as email client, we will only use access to read, write, modify, or control message bodies (including attachments), metadata, headers, and settings to provide a web email client that allows users to compose, send, read, and process emails. Talentry will adhere to Google’s Limited Use Requirements and Microsoft Privacy Statement.
Where third parties are given access to your data, we have obtained your permission for this or there is a legal ground for it.
We also employ service providers to provide services and to process data (inter alia for hosting, newsletter distribution, dispatch of letters or emails and the maintenance and analysis of databases, the protection of our web server, or for tracking web pages). Where special provisions apply for this, we have listed these below according to the respective service for you. The service providers process the data exclusively at our direction and are under an obligation to comply with the applicable data protection provisions. All processors have been carefully selected and receive access to your data only to the extent and for the necessary time required to provide the services or to the extent to which you have agreed to the processing and use of the data.
Transfer to third countries and legal basis
The servers of some of the service providers employed by us are situated in the USA and other countries outside the European Union. Undertakings in these countries are subject to a data protection law that does not generally protect personal data to the same extent as is the case in the member states of the European Union. Where your data are processed in a country that does not have data protection to the acknowledged high level of the European Union, we ensure through contractual provisions or other recognized instruments that your personal data are appropriately protected. We will advise you of this again expressly in the context of the individual services.
Where a transfer of personal data to third countries occurs, this is on the basis of the EU-US Privacy Shield decision in accordance with Art. 45 GDPR or the 2010 Decision on standard contractual clauses, in accordance with Art. 46 2. (c) GDPR in conjunction with the Decision of the EU Commission of 05.02.2010 (2010/87/EU) or on the basis of your consent in accordance with Art. 49 1. (a) GDPR.
Transfer to prosecution and criminal investigation authorities
In exceptional cases, we transfer personal data to prosecution and criminal investigation authorities. This occurs on the basis of relevant statutory obligations, for instance under the Criminal Procedure Code, the Tax Code, the Money Laundering Act or state police laws.
5. Storage periods
We store personal data in accordance with statutory regulations or your consent.
To determine actual storage periods we use the following criteria:
We store the personal data until the purposes for which they were collected come to an end (for instance at the termination of a contractual relationship or following final activity, where there is no continuing obligation, or where you withdraw your consent to the specific data processing).
Storage beyond this occurs only where
- there are statutory retention requirements (for instance under the Tax Code and the Commercial Code);
- the data are still needed for the establishment and exercise of legal claims or the defense of legal claims, for instance by reason of technological and forensic requirements for the defence against attacks on our web server and their prosecution;
- the erasure would be counter to the data subject’s legitimate interests;
- another exception under Art. 17 3. GDPR applies.
Sint oratio at per, diam saepe dicam ei sea. At civibus appetere cum, quem habeo in. Eam modo apeirian te, ut altera iisque evertitur sit. Cu saperet inermis aliquando nam, per impetus qualisque interesset ex, vix at omittantur instructior disputationi.
6. Your rights
You have a series of statutory rights that we wish to refer you to below. In addition, our data protection officer is of course available to you for questions concerning data collected and processed in relation to you via the contact details given below.
Right to access and data portability
You have the right at any time to access the personal data concerning you processed by us.
Where the data was processed on the basis of your consent or on the basis of a contract according to Art 6 1. (b) GDPR, you may also require under Art. 20 1. GDPR receipt of the stored personal data concerning you in a structured, commonly used, and machine-readable format. At your request, we shall also transmit the data directly to a recipient specified by you.
Right to rectification, restriction, and erasure
Further, you may under Art. 16 to 18 GDPR require us to rectify, restrict (storage) or erase your personal data where the data has been inaccurately processed by us, there are grounds for restriction of further data processing or the data processing has become unlawful for other reasons or where its storage is not permitted for other legal reasons. We ask you to note that your right to erasure can be restricted owing to statutory retention periods.
Right to object
Where our data processing is based exclusively on our legitimate interest under Art 6 1. (f) GDPR, you may object to this processing under Art. 21 1. GDPR. We then cease processing your data unless we can demonstrate data protection grounds for the processing that override your interests, rights and freedoms or where the processing serves the establishment, exercise, or defense of a legal claim. In addition, you always have the right to object to the use of your data for the purposes of direct marketing with future effect under Art. 21 2. GDPR.
Right to withdraw consent
Where you have allowed us by consent to process your personal data, you have a right under Art. 7 3. GDPR to withdraw consent with future effect.
Right to complain to the regulatory authority
You are free to lodge a complaint with a regulatory authority where you think that our processing of your personal data breaches the European General Data Protection Regulation or other national and international data protection laws.
The contact details for our responsible regulatory authority are:
Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Telephone: +49 (0) 981 53 1300
To exercise your rights you may send us an informal communication to the following contact details. Similarly, please direct the withdrawal of your consent with details of which consent declaration you wish to withdraw to the following contact details:
Nymphenburger Str. 86
Telephone: +49 (0) 89 41615976 -0
Data protection officer
it.sec GmbH & Co. KG
Telephone: +49 (0) 731 20589 -24
7. Use of our website - profiling, cookies and web tracking
Basic information on Cookies and Opt-Out options
We use so-called cookies in some areas of our website, for instance in order to identify visitors’ preferences and to be able to optimize the website correspondingly. This makes navigation easier and contributes significantly to the user-friendliness of a web page. Cookies help us also in the identification of particularly popular areas of our Internet offering. Cookies are small files that are stored on the hard drives of visitors to the site. They enable information to be held for a specific period and the identification of the visitor’s computer. We use permanent cookies to improve the user experience and individual performance mapping.
However, technically not necessary cookies or our tracking software will only be activated after you have given us your consent by clicking on “Accept all cookies” or by selecting individual web tracking procedures and “Confirm selection”. The storage period for each cookie is listed in the cookie overview. You can also delete the cookies in advance or prevent the setting of cookies altogether by making the appropriate settings in your browser.
Our cookie information on our website provides in relation to these that you agree on the following declaration:
Please also remember that the erasure of all cookies will result also in opt-out cookies being erased. You would therefore have to reset these as appropriate. Cookies are also tied to a browser, i.e. they must always be set separately for each browser used by you on each device used by you. The necessary links for this can be found below in the description of the respective services.
Here you can find an overview of all Cookies used. If you want to change your Cookie preference, you can do so here.
8. Supplementary information and provision for individual services
We send you at your express request our newsletter on the topics selected by you together with information on our company. Please note that delivery can only be made once you have confirmed your requirement expressly again using our Double-Opt-In procedure.
The personal data collected during registration for the newsletter are used exclusively for mailing and the personalization of the newsletter (for instance to address you by your name). You can at any time with effect going forward withdraw consent to the storage of personal data that you have provided to us for the mailing of the newsletter. For the purposes of withdrawal of consent each newsletter contains a corresponding link; alternatively, you are welcome to contact us directly so that we can implement your withdrawal. We have given you details in the Double-Opt-In email of the consent provided to us.
Newsletter use analysis
Our newsletter contains tracking pixels. A tracking pixel is an invisible graphic in HTML emails the purpose of which is when opening the email to enable a log file record together with a record relating to the links activated from the newsletter with subsequent analysis. This enables us by means of statistical evaluation to appraise the success of our newsletter campaigns and to optimize our newsletter in order to introduce to you for instance topics and offerings better suited to your interests.
The personal data thus collected is processed by our service providers named below.
Where you do not agree to this, you can unsubscribe from the newsletter at any time using a link at the end of each newsletter.
Data recipient: The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE, Suite 5000
Atlanta, GA 30308, USA
Data that you send to us using our contact form are processed for the purposes of communication and data exchange, thus in order to respond to you concerning your specific inquiry. These data are stored for so long as their processing for these purposes is necessary or until the expiry of any subsequent retention periods.
Online application process
We offer you the option of applying to us online. The transfer of the data provided by you and of the accompanying file attachments is by transport-encrypted connection. Your electronic application data are accepted by the respective responsible personnel department and forwarded only to the specialist department for that vacancy or to the persons entrusted with handling it. All participants will handle your application documents with the requisite care and absolutely confidentially.
On completion of the applicant selection process, we shall keep your application documents for 4 months and then erase them and destroy any copies where we have not entered into a contract of employment with you. If we want to include your application documents in our applicants’ pool we shall contact you about this. In the notification, you can actively consent to the further storage of your documents. Your applicant account and the data stored therein remain stored independently of a specific active application for so long as you do not deactivate this so that you have the option of applying for further vacancies with us.
Please note that applications that you send to us by email are transmitted to us unencrypted. We, therefore, recommend the use of the online application portal.
Data processing for purposes of direct marketing
Direct mail marketing
To the extent permitted in law, we also use as appropriate your name and the postal address is known to us for mailing advertising for our offerings. The legal basis is Art. 6 1. (f) in conjunction with recital 47 GDPR. Our legitimate interest is the promotion of sales or demand among our existing customers. Of course, you can, at any time, object to the processing of your data for marketing purposes with effect going forward. A communication in text form to the above-named contact details is sufficient. Following such, we erase your data from our distribution list. We shall keep the data that account for your objection subsequently for a further 6 years in accordance with Art. 17 3. (e) GDPR. During this period, however, your personal data will be barred from further processing.
To the extent permitted in law, we also use as appropriate in the case of business customers your name, company affiliation, and your given telephone number, in order to inform you of our own offerings, depending on your presumed interests. The legal basis is Art. 6 1. (f) in conjunction with recital 47 GDPR, S.7 (2) no. 2 Unfair Competition Act. Our legitimate interest is the promotion of sales or demand among our existing business customers. Of course, you can at any time object to processing your data for marketing purposes with effect going forward. A communication in text form to the above-named contact details is sufficient. Following such, we erase your data from our distribution list. We shall keep the data that account for your objection subsequently for a further 6 years in accordance with Art. 17 3. (e) GDPR. During this period, however, your personal data will be barred from further processing.