Privacy Policy

Data protection notice of B+R Bildung und Reisen GmbH

Thank you for visiting our website. Below we would like to inform you of how we handle your data in accordance with Art. 13 of the General Data Protection Regulation (GDPR).

Controller

The body specified in the imprint is responsible for the data processing described below.

Storage of IP address for security purposes

In addition, we store the full IP address transmitted by your web browser for strictly defined purposes for the duration of seven days in the interest of detecting, restricting and removing attacks on our website. At the end of this period, we delete or anonymise the IP address. The legal basis is given by Art. 6 (1 ) s. 1 (f) GDPR.

Usage Data

When you visit our website, so-called usage data are evaluated temporarily on our web server for statistical purposes in order to improve the quality of our web pages. This dataset consists of

  • the name and address of the content requested,
  • the date and time of the request,
  • the volume of data transmitted,
  • the access status (content transmitted, content not found),
  • description of the web browser and the operating system used,
  • the referral link showing which page you reached our website from,
  • The IP address of the requesting computer which is abbreviated in such a way that no link can be established with the person concerned.

The log data specified are only evaluated in anonymised form.

Data Security

We take technical and organisational steps to give your data the maximum possible protection from undesirable access. We use an encryption procedure on our web pages. Your details are transmitted from your computer to our server and vice versa over the internet by means of TLS encryption. You can usually tell this by the fact that the padlock symbol in the status bar of your browser is closed and the address line starts with .

Necessary Cookies

We use cookies on our web pages which are required for use of our website.

Cookies are small text files which are stored on your device and which can be interrogated. We distinguish between session cookies which are deleted as soon as you close your browser and permanent cookies which are stored beyond the individual session.

We do not use these necessary cookies for analysis, tracking or advertising purposes.

In some cases, these cookies merely contain information on certain settings and they cannot be identified with a specific individual. They may also be needed to enable the user interface, security and implementation of the site.

We use these cookies on the basis of Art. 6 (1) s 1 (f) GDPR.

You can adjust the settings of your browser such that it informs you if cookies are placed on your device. This makes the use of cookies transparent for you. You can also delete cookies at any time by means of the appropriate browser setting and prevent the installation of cookies. Please note that in that case it may not be possible to display our website and some functions may no longer be available from a technical perspective.

Tracking Technologies of External Providers for Advertising Purposes

We use cross-device tracking technologies to ensure that targeted advertising can be displayed to you on other web pages based on your visit to our site and to enable us to identify how effective our advertising was.

Data are processed on the basis of your consent in accordance with Art. 6 (1) s 1 (a) GDPR provided you have supplied your consent via our banner. Your consent is voluntary and can be revoked at any time.

How does tracking work?

When you visit our website, it is possible that the external providers specified below may identify characteristics by which your browser or device can be recognised (e.g. a so-called browser fingerprint), evaluate your IP address, store or interrogate recognition characteristics on your device (e.g. cookies) or receive access to individual tracking pixels.

Individual characteristics can be used by external providers to recognise your device on other websites. We can task such external providers with running advertising based on the sites we visit.

What does cross-device tracking mean?

If you log on with an external provider using your own user data, the particular recognition features of different browsers and devices can be combined. In other words, if the external provider has identified a separate characteristic for the laptop, desktop PC, smartphone or tablet that you use, these individual characteristics can be cross-referenced as soon as you use a service of that provider with your log-in details. In this way, the external provider can target our advertising campaigns across different devices.

What external providers do we use in this context?

Below, we name the external providers with whom we work for advertising purposes. As soon as the data in this context are processed outside the EU or EEA, we will provide details of the appropriate level of data protection. You will also be told how to revoke your consent:

Provider:  Google (USA)

Suitable level of data protection: Privacy Shield Agreement (Art. 45 (1) GDPR).

Revocation of consent: If you wish to revoke your consent, please please scroll to the top of this site and change the appropriate setting through our banner.  

Google Search

You have the option on our website to use the Google search window to launch search queries on the contents of our site.

Data are processed on the basis of your consent in accordance with Art. 6 (1) s 1 (a) GDPR provided you have supplied your consent. Your consent is voluntary and can be revoked at any time.

If you use Google search on our website, Google will store and/or interrogate recognition features on your device (cookies).

As a result, Google receives information that you have visited our site, what browser and what device you used and what you searched for. This information may be used by Google for advertising purposes or combined with your Google profile if you have an account with Google. We have no control over whether Google processes the data for further purposes. You can find further information on data protection at Google here: https://policies.google.com/privacy?hl=de.

Contact Form 

You have the option to contact us through our contact form. To enable you to use our contact form, we first need the data marked as compulsory from you.

We use these data on the basis of Art. 6 (1) s 1 (f) GDPR in order to answer your query.

Moreover, you can decide yourself whether you wish to communicate further details to us. Such details are divulged voluntarily and are not essential for making contact. We will process your voluntary details on the basis of your consent in accordance with Art. 6 (1) s 1 (a) GDPR.

Your data will only be processed to answer your enquiry. We will delete your data if they are no longer needed and this does not conflict with any statutory duties of retention.

If the data transmitted with the contact form are processed on the basis of Art. 6 (1) s 1 (f) GDPR, you can object to such processing at any time. You can also revoke your consent to the processing of your voluntary data at any time. To do so, please contact the email address specified in the legal notice.

You can also make direct contact with our points of contact by email or on the phone. Data which you transmit in the process will only be processed by us in order to deal with your enquiry, also on the basis of Art. 6 (1) s 1 (f) GDPR. In this case, too, you have a right of objection.

Application

You have the option to apply for the jobs advertised by us via the email address provided or the web form.

To enable us to take your application into consideration, we need at least the following details:

  • Name
  • Telephone number
  • Email address
  • Letter
  • Curriculum Vitae
  • References and qualifications

We will process your data solely for the purpose of selecting applicants in accordance with Sec. 26 (1) BDSG (Federal Data Protection Act). The data will not be processed for any other purposes.

In addition, you can decide yourself whether you would like to provide us with further details, e.g. your leisure interests, a photo, etc. to enable your application to be better assessed or to simplify communication. Such details are divulged voluntarily and are not essential for the application. If you include voluntary information in your application, you give your consent to us to process these data solely for the purpose of selecting applicants. You can revoke this consent at any time with future effect. Please address your revocation to the body specified in the legal notice.

Your details will be treated in strict confidence. If your application is unsuccessful, your documents will be deleted no later than six months after your letter of rejection is despatched. The legal basis for this processing is set out in Art. 6 (1) s 1 (f) GDPR in the legitimate interest of defending any legal claims.

In the event that your application is to be taken into consideration for other or future job advertisements, this will only be done on the basis of your consent. We will then process your data on the basis of Art. 6 (1) s 1 (a) GDPR and we will delete your application after two years. You can revoke your consent at any time with future effect. Please send your revocation to the body specified in the legal notice.

Embedded Videos

We embed videos on our web pages which are not stored on our servers. To ensure that calling up web pages with embedded videos does not automatically lead to the external provider’s content being loaded, we initially only show locally saved preview images of the videos. The external provider does not receive information about this.

Only if you click on the preview image is the external provider’s content downloaded. The external provider is informed that you have called up our site as well as the usage data required for technical purposes in this context. We have no control over any further processing by the external provider. By clicking on the preview image, you give us your consent to load the external provider’s content. 

Videos are embedded on the basis of your consent in accordance with Art. 6 (1) s 1 (a) GDPR provided you have supplied your consent by clicking on the preview image.

Provider:  Vimeo (USA)

Suitable level of data protection: Privacy Shield Agreement (Art. 45 (1) GDPR).

Revocation of consent: If you click on a preview image, the external provider’s content will be loaded immediately. If you do not wish such content to be loaded on other pages, please do not click on any further preview images.

Card Services

We embed card services on our web pages that are not stored on our servers. To ensure that calling up web pages with embedded card services does not automatically lead to the external provider’s content being loaded, we initially only show locally saved preview images of the cards. The external provider does not receive information about this.

Only if you click on the preview image is the external provider’s content downloaded. The external provider is informed that you have called up our site as well as the usage data required for technical purposes in this context. We have no control over any further processing by the external provider. By clicking on the preview image, you give us your consent to load the external provider’s content. 

Card services are embedded on the basis of your consent in accordance with Art. 6 (1) s 1 (a) GDPR provided you have supplied your consent by clicking on the preview image.

Provider:  Google (USA)

Suitable level of data protection: Privacy Shield Agreement (Art. 45 (1) GDPR).

Revocation of consent: If you click on a preview image, the external provider’s content will be loaded immediately. If you do not wish such content to be loaded on other pages, please do not click on any further preview images.

Length of Storage

If we have not already provided details of the length of storage, we will delete personal data if they are no longer required for the above-mentioned processing purposes and their deletion does not conflict with any statutory duties of retention.

Further Processors

As part of contractual processing in accordance with Art. 28 GDPR, we will pass on your data to service providers who support us in operating our website and its associated processes. For example, this includes hosting service providers. Our service providers are strictly bound by our instructions and subject to corresponding contractual obligations.

Below we name the processors with whom we work unless we have done so already in the body of this data protection policy above. If data are transferred outside the EU or EEA in this context, we will provide details of the appropriate level of data protection. 

1) Processor: GOPAS Solutions GmbH

Purpose: Web hosting und support

Suitable level of data protection: Processing only within EU/EEA

2) Processor: artundweise GmbH

Purpose: Support

Suitable level of data protection: Processing only within EU/EEA

Your Rights as a Data Subject

If your personal data are processed, the GDPR grants you certain rights as the data subject:

Right of access (Art. 15 GDPR)

You have the right to request confirmation of whether data relating to yourself are being processed; if this is the case, you have a right of information with regard to such personal data and to the information detailed in Art. 15 GDPR.

Right to rectification (Art. 16 GDPR)

You have the right to demand the immediate rectification of incorrect personal data relating to yourself and, if applicable, the completion of incomplete data.

Right to erasure (Art. 17 GDPR)

You have the right to request the immediate erasure of personal data relating to yourself if one of the reasons detailed in Art. 17 GDPR applies.

Right to restrict processing (Art. 18 GDPR)

You have the right to request that processing be restricted for the duration of the inspection to be carried out by the controller if one of the conditions listed in Art. 18 GDPR is met, e.g. if you have objected to the processing.

Right to data portability (Art. 20 GDPR)

In certain cases detailed in Art. 20 GDPR, you have the right to receive the personal data relating to yourself in a structured, conventional, machine-readable format or to request the transmission of these data to a third party.

Right of revocation (Art. 7 GDPR)

If the processing of data is carried out on the basis of your consent, you are entitled in accordance with Art. 7 (3) GDPR to revoke your consent to the use of your personal data at any time. Please note that any revocation only applies to the future. Processing performed before revocation is issued will not be affected.

Right of objection (Art. 21 GDPR)

If data are collected on the basis of Art. 6 (1) s 1 (f) GDPR (data processing to safeguard legitimate interests) or on the basis of Art. 6 (1) s 1 (e) GDPR (data processing to safeguard a public interest or in the exercise of official authority), you have the right to object to the processing at any time for reasons arising from your particular situation. We will no longer process the personal data unless there are compelling, demonstrable reasons for the processing which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

Right of complaint to regulatory authority (Art. 77 GDPR)

In accordance with Art. 77 GDPR, you have the right to lodge a complaint with a regulatory authority if you are of the opinion that the processing of data relating to yourself breaches data processing provisions. In particular, the right of complaint can be exercised with a regulatory authority in the Member State of your usual place of residence, your place of work or the location of the suspected breach.

Assertion of your rights

Unless otherwise described above, please contact the body specified in the legal notice in order to assert your rights as a data subject.

Contact details of Data Protection Officer

Our external Data Protection Officer will be happy to provide you with information on the subject of data protection on the following contact details:

datenschutz nord GmbH
Konsul-Smidt-Straße 88
28217 Bremen
Internet: www.datenschutz-nord-gruppe.de
Email: office@datenschutz-nord.de

If you turn to our Data Protection Officer, please also specify the responsible body stipulated in the legal notice.