Data Protection Policy

General information on data protection and data processing

Introduction

The protection of your personal data and your privacy is very important to us. In this privacy policy, we explain to you in detail what personal data we collect, what happens to your personal data, the purpose of data collection and the legal basis for this. We also explain how long we store such data, what rights you have under applicable data protection law and who you can contact if you have any questions about data protection at skilltrader Network GmbH.

We only collect, process, store and use personal data if this is necessary for the provision of a service or offer. Personal data is only collected and used with the user's consent. An exception applies in cases where it is not possible to obtain consent for factual reasons or where the processing of data is permitted by law.

Below we inform you in detail about the handling of your data:

Status: February 06, 2024

Entity responsible for data processing

The controller responsible for data collection, data processing and data use is adblue financial systems GmbH, Josef-Orlopp-Str. 42, 10365 Berlin - Germany, Managing Director Göksen Ince - registered at Charlottenburg Local Court - HRB: 80729 (hereinafter referred to as “adblue”). Website: www.trademaster.com

Questions about this privacy policy

If you have any questions or require further information about data protection at adblue, please contact our data protection officer Janina Wallenta - adblue financial systems GmbH, Josef-Orlopp-Str. 42, 10365 Berlin - Germany or by e-mail to: info@trademaster.com or by telephone on +49 (0)30 243 420

To whom does this privacy policy apply?

The privacy policy applies to all processing of personal data carried out by us, both in the context of the provision of our services and in particular on our websites, in mobile applications and within external online presences, such as our social media profiles. In particular, visitors to our websites and persons who are interested in or register for adblue products or services. All interested parties and customers of adblue, as well as persons who are in contact with us, such as authorized representatives, beneficial owners of our customers, representatives or employees of legal entities, cooperation and sales partners, as well as contact persons for the aforementioned groups. Furthermore, if you contact us, e.g. by email, chat, messenger, telephone, fax or other communication channels. You can access the declaration at any time on the Internet at https://trademaster.com/datenschutz

Overview of the processing operations

Types of data processed

  • Inventory data (e.g. names, addresses)
  • Content data (e.g. entries in online forms)
  • Contact data (e.g. e-mail, telephone numbers)
  • Meta/communication data (e.g. device information, IP addresses)
  • Usage data (e.g. websites visited, interest in content, access times)
  • Contract data (e.g. subject matter of the contract, term, customer category)
  • Applicant data (e.g. personal details, postal and contact addresses, the documents belonging to the application and the information contained therein, such as cover letter, CV, certificates and other personal or qualification information provided by applicants with regard to a specific position or voluntarily)
  • Contact information (Facebook) (“contact information” is data that (clearly) identifies data subjects, such as names, email addresses and telephone numbers, which can be transmitted to Facebook, e.g. via Facebook pixel or upload for matching purposes for the purpose of creating custom audiences; after matching for the purpose of creating target groups, the contact information is deleted)
  • Payment data (e.g. bank details, invoices, payment history)

Categories of data subjects

  • Applicants
  • Business and contractual partners
  • Interested parties
  • Communication partners
  • Customers
  • Users (e.g. website visitors, users of online services)
  • Participants (e.g. participants of events)

Purposes of the processing

  • Registration procedure
  • Provision of our online services and user-friendliness
  • Conversion measurement (measurement of the effectiveness of marketing measures)
  • Application procedure (establishment and possible subsequent implementation and possible subsequent termination of the employment relationship)
  • Office and organizational procedures
  • Direct marketing (e.g. by email or post)
  • Target group formation
  • Marketing
  • Contact requests and communication
  • Profiles with user-related information (creation of user profiles)
  • Remarketing
  • Reach measurement (e.g. access statistics, recognition of returning visitors)
  • Security measures
  • Provision of contractual services and customer service
  • Managing and responding to inquiries
  • Affiliate tracking
  • Target group formation (determination of target groups relevant for marketing purposes or other output of content)

Relevant legal bases

Below you will find an overview of the legal bases of the GDPR on the basis of which we process personal data. Please note that in addition to the provisions of the GDPR, national data protection regulations may apply in your or our country of residence or domicile. Should more specific legal bases also apply in individual cases, we will inform you of these in the privacy policy.

  • Consent (Art. 6 para. 1 sentence 1 lit. a. GDPR) - The data subject has given their consent to the processing of their personal data for a specific purpose or several specific purposes.
  • Performance of a contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b. GDPR) - Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
  • Legal obligation (Art. 6 para. 1 sentence 1 lit. c. GDPR) - Processing is necessary for compliance with a legal obligation to which the controller is subject.
  • Legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR) - Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.
  • Application procedure as a pre-contractual or contractual relationship (Art. 9 para. 2 lit. b GDPR) - Insofar as special categories of personal data within the meaning of Art. 9 para. 1 GDPR (e.g. health data, such as severely disabled status or ethnic origin) are requested from applicants so that the controller or the data subject can exercise their rights under labor law and social security and social protection law and fulfill their obligations in this regard, their processing is carried out in accordance with Art. 9 para. 2 lit. b. GDPR, in the case of the protection of vital interests of applicants or other persons pursuant to Art. 9 para. 2 lit. c. GDPR or for the purposes of preventive health care or occupational medicine, for the assessment of the employee's ability to work, for medical diagnosis, care or treatment in the health or social sector or for the management of systems and services in the health or social sector pursuant to Art. 9 para. 2 lit. h. GDPR. In the case of communication of special categories of data based on voluntary consent, their processing is carried out on the basis of Art. 9 para. 2 lit. a. GDPR.

National data protection regulations in Germany: In addition to the data protection regulations of the General Data Protection Regulation, national data protection regulations apply in Germany. These include, in particular, the Act on the Protection against Misuse of Personal Data in Data Processing (Federal Data Protection Act - BDSG). In particular, the BDSG contains special regulations on the right to information, the right to erasure, the right to object, the processing of special categories of personal data, processing for other purposes and transmission as well as automated decision-making in individual cases, including profiling. It also regulates data processing for the purposes of the employment relationship (Section 26 BDSG), in particular with regard to the establishment, implementation or termination of employment relationships and the consent of employees. The data protection laws of the individual federal states may also apply.

Security measures

We take appropriate technical and organizational measures in accordance with the legal requirements, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons, in order to ensure a level of protection appropriate to the risk.

The measures include, in particular, safeguarding the confidentiality, integrity and availability of data by controlling physical and electronic access to the data, as well as the access, input, disclosure, safeguarding of availability and its separation. Furthermore, we have established procedures that ensure the exercise of data subject rights, the deletion of data and responses to data breaches. Furthermore, we already take the protection of personal data into account during the development or selection of hardware, software and procedures in accordance with the principle of data protection, through technology design and through data protection-friendly default settings.

Shortening the IP address: If IP addresses are processed by us or by the service providers and technologies used and the processing of a full IP address is not required, the IP address is truncated (also known as “IP masking”). The last two digits or the last part of the IP address after a dot are removed or replaced by placeholders. The purpose of shortening the IP address is to prevent or make it much more difficult to identify a person by their IP address.

SSL encryption (https): We use SSL encryption to protect your data transmitted via our online offering. You can recognize such encrypted connections by the prefix https:// in the address bar of your browser.

Transmission of personal data

As part of our processing of personal data, data may be transmitted to other bodies, companies, legally independent organizational units or persons or disclosed to them. The recipients of this data may include, for example, service providers commissioned with IT tasks or providers of services and content that are integrated into a website. In such cases, we observe the legal requirements and, in particular, conclude corresponding contracts or agreements with the recipients of your data that serve to protect your data.

Data transfer within the group of companies:

We may transfer personal data to other companies within our group of companies or grant them access to this data. If this transfer takes place for administrative purposes, the transfer of the data is based on our legitimate business and commercial interests or takes place if it is necessary for the fulfillment of our business objectives.

Data transfer within the organization:

We may transfer personal data to other departments within our organization or grant them access to this data. If this transfer takes place for administrative purposes, the transfer of the data is based on our legitimate business and commercial interests or takes place if it is necessary to fulfill our contractual obligations or if the consent of the data subjects or a legal permission exists.

Data processing in third countries

If we process data in a third country (i.e. outside the European Union (EU), the European Economic Area (EEA)) or if the processing takes place in the context of the use of third-party services or the disclosure or transfer of data to other persons, bodies or companies, this will only take place in accordance with the legal requirements.

Subject to express consent or contractually or legally required transfer, we only process or have the data processed in third countries with a recognized level of data protection, contractual obligation through so-called standard protection clauses of the EU Commission, in the presence of certifications or binding internal data protection regulations (Art. 44 to 49 GDPR, information page of the EU Commission).

Deletion of data

The data processed by us will be deleted in accordance with the legal requirements as soon as the consent given for processing is revoked or other permissions no longer apply (e.g. if the purpose for processing this data no longer applies or it is not required for the purpose).

If the data are not deleted because they are required for other and legally permissible purposes, their processing will be restricted to these purposes. This means that the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax law reasons or whose storage is necessary for the assertion, exercise or defense of legal claims or to protect the rights of another natural or legal person.

As part of our data protection information, we may provide users with further information on the deletion and retention of data that applies specifically to the respective processing operation.