Privacy Policy
I. Privacy Policy for our Website
1. Introduction and General Information
Thank you for your interest in our website. The protection of your personal data is of great importance to us. Below, you will find information on how we handle the data collected through your use of our website. The processing of your data is carried out in accordance with the legal regulations for data protection.
2. Responsible party according to the GDPR
b4dynamics GmbH
Roemerstraße 39
78183 Huefingen
Tel.: +49 771 89784 115
Fax: +49 771 89784 799
E-Mail: info@b4dynamics.com
Website: www.b4dynamics.com
3. Contact information of the Data Protection Officer
Proliance GmbH / www.datenschutzexperte.de
Data Protection Officer
Leopoldstr. 21
80802 Munich
datenschutzbeauftragter@datenschutzexperte.de
When contacting the Data Protection Officer, please mention the company to which your inquiry pertains. Kindly refrain from including sensitive information such as a copy of an ID with your request.
4. Definitions
Our privacy policy aims to be simple and understandable for everyone. In this privacy policy, we generally use the official terms of the General Data Protection Regulation (GDPR). The official definitions of these terms can be found in Article 4 of the GDPR.
5. Access to and Storage of Information on End Devices
By using our website, access to information (e.g., IP address) or storage of information (e.g., cookies) on your end devices may occur. This access or storage may involve further processing of personal data within the meaning of the GDPR.
In cases where such access to information or storage of information is absolutely necessary for the technically flawless provision of our services, this is based on § 25 (1) sentence 1, (2) no. 2 of the German Telemedia Act (TTDSG).
In cases where such a process serves other purposes (e.g. customized design of our website), this is based on § 25 (1) TTDSG only with your consent pursuant to Article 6 (1) lit. a GDPR. This consent can be revoked at any time for the future. The processing of your personal data is subject to the provisions of the GDPR and the Federal Data Protection Act (BDSG).
For more information on the processing of your personal data and the relevant legal bases in this context, please refer to the following sections regarding specific processing activities on our website.
6. Web Hosting
This website is hosted by an external service provider (Medialine EuroTrade AG Düsseldorf). The hosting of this website takes place in Germany. Personal data collected on this website is stored on the servers of the hosting provider. This may include, in particular, IP addresses, contact inquiries, meta and communication data, website access, and other data generated through website usage.
We collect the listed data to ensure a smooth connection establishment for the website and to technically provide our services without errors. The processing of this data is absolutely necessary to make the website available to you. The legal basis for processing the data is our legitimate interest in the correct presentation and functionality of our website, in accordance with Article 6 (1) lit. f GDPR.
We have concluded a data processing agreement with the provider in accordance with the requirements of Article 28 GDPR, in which we oblige them to protect our customers’ data and not to disclose it to third parties.
7. Server Log Files
When you access our website, it is technically necessary for data to be transmitted to our web server through your internet browser. The following data is recorded during an active connection for communication between your internet browser and our web server:
- Date and time of the request
- Name of the requested file
- Page from which the file was requested
- Access status
- Used web browser and operating system
We collect the listed data to ensure a smooth connection establishment for the website and to technically provide our services without errors. The processing of this data is absolutely necessary to make the website available to you. The log files serve the purpose of evaluating system security and stability, as well as for administrative purposes. The legal basis for processing the data is our legitimate interest in protecting and ensuring the functionality of our website, in accordance with Article 6 (1) lit. f GDPR.
For reasons of technical security, especially to defend against attack attempts on our web server, we store this data temporarily. After a maximum of 30 days, the data is anonymized by shortening the IP address to the domain level, so that it is no longer possible to establish a reference to individual users.
Additionally, the data may be processed in anonymized form for statistical purposes. Storage of this data together with other personal user data, comparison with other data sets, or disclosure to third parties never occurs at any time.
8. Contact Form and Contacting via Email
If you send us inquiries via contact form or email, your details from the inquiry form or your email, including the personal data you provided there, will be stored by us to process the inquiry and for follow-up questions.
Providing an email address is necessary for contacting you, while providing your first and last name and telephone number is voluntary. We never share this data without your consent.
For providing our contact form, we use the service provider WPForms. To ensure a privacy-compliant processing of contact data by WPForms, we have concluded a data processing agreement pursuant to Article 28 GDPR with WPForms.
The legal basis for processing the data is our legitimate interest in responding to your request according to Article 6 (1) lit. f GDPR, and if applicable, Article 6 (1) lit. b GDPR, if your inquiry aims at entering into a contract. Your data will be deleted after final processing of your inquiry, provided there are no legal retention obligations. In case of Article 6 (1) lit. f GDPR, you can object to the processing of your personal data at any time.
9. Newsletter
If you wish to subscribe to the newsletter offered on the website, providing you with regular information about our offers and products, we require your email address as a mandatory field.
Providing your name is done to address you personally in the newsletter and/or to identify you if you wish to exercise your rights as a data subject.
By checking the respective checkbox, you give us your consent in accordance with Article 6 (1) lit. a GDPR to use your personal data for the purpose of sending you the requested newsletter.
When you subscribe to the newsletter, we store the email address necessary for sending, the IP address through which you signed up for the newsletter, as well as the date and time of registration and confirmation. This is done to potentially trace any misuse at a later point. The legal basis for this is our legitimate interest pursuant to Article 6 (1) lit. f GDPR.
You can unsubscribe from the newsletter at any time using the link provided in each newsletter or by sending an email to the responsible party mentioned above. After unsubscribing, your email address will be promptly deleted from our newsletter distribution list, unless you have explicitly consented to the continued use of the collected data or the continued processing is otherwise legally permissible.
10. Submission of Job Applications
If you apply to us through our contact form or via email, we collect personal data. This notably includes your contact information (such as first and last name, telephone number, and email address of the applicant), as well as other data you provide regarding your career (e.g., resume, qualifications, degrees, and work experience) and your personal background (e.g., cover letter, personal interests). This might also include special categories of personal data (e.g., information about disabilities).
Your personal data is typically collected directly from you as part of the application process and is encrypted during electronic transmission. The primary legal basis for this is § 26 (1) BDSG (German Federal Data Protection Act). Additionally, consent in accordance with Article 6 (1) lit. a GDPR in conjunction with § 26 (2) BDSG can serve as a legal basis. If your data processing is based on consent, you have the right to revoke the consent at any time with effect for the future.
Within our company, only individuals and departments (e.g., human resources) who absolutely require access to your personal data for the execution of the application process or to fulfill our legal obligations have access to your data. Your applications may be forwarded to the respective responsible parties for review. Under no circumstances will your personal data be disclosed to unauthorized third parties.
We may transfer your personal data to affiliated companies. When we transfer applicant data to fill positions in our affiliated companies, we obtain consent in accordance with Article 6 (1) lit. a GDPR in conjunction with § 26 (2) BDSG from the applicants.
Data related to an application for a specific job vacancy is stored and processed with us during the ongoing application process. After the conclusion of the application process (e.g., through acceptance or rejection), the application process, including all personal data, will be deleted from the system no later than six months after the conclusion of the application process. Data of selected applicants will be securely stored for up to 2 years if the applicants have given their consent in accordance with Article 6 (1) sentence 1 lit. a GDPR in conjunction with § 26 (2) BDSG. You can revoke your consent at any time with effect for the future. A simple email to the contact details of the responsible party listed above is sufficient for this purpose. In the event of an acceptance, your application documents will be added to the personnel file.
11. Cookies
Our website uses so-called “cookies.” Cookies are small text files that are either temporarily stored for the duration of a session (session cookies) or stored permanently (persistent cookies) on your end device. Session cookies are automatically deleted after your visit ends. Persistent cookies remain stored on your end device until you delete them yourself or they are automatically deleted by your web browser.
Cookies have various functions. Numerous cookies are technically necessary, as certain website functions would not work without them (e.g., shopping cart function or language settings). Other cookies are used to evaluate user behavior or display advertisements.
The processing of data through the use of absolutely necessary cookies is based on a legitimate interest according to Article 6 (1) lit. f GDPR in the technically flawless provision of our services. Details about the processing purposes and legitimate interests can be found in the explanations regarding specific data processing.
The processing of personal data through the use of other cookies is based on consent according to Article 6 (1) lit. a GDPR. This consent can be revoked at any time for the future. If such cookies are used for analysis and optimization purposes, we will inform you separately within this privacy policy and obtain consent according to Article 6 (1) lit. a GDPR.
You can configure your browser to:
- Inform you about the setting of cookies,
- Allow cookies only in specific cases,
- Exclude acceptance of cookies for specific cases or in general,
- Enable automatic deletion of cookies when closing the browser.
You can manage cookie settings for specific browsers using the following links:
- Google Chrome
- Mozilla Firefox
- Edge (Microsoft)
- Safari
- Opera
You can also individually manage cookies from many companies and functions used for advertising. To do so, you can use user tools available at https://www.aboutads.info/choices/ or http://www.youronlinechoices.com/uk/your-ad-choices.
Most browsers also offer a “Do-Not-Track” function. When this function is enabled, the respective browser informs advertising networks, websites, and applications that you do not wish to be “tracked” for behavioral advertising and similar purposes.
You can find information and instructions on how to edit this function based on your browser provider through the following links:
- Google Chrome
- Mozilla Firefox
- Edge (Microsoft)
- Safari
- Opera
Additionally, you can prevent the loading of so-called scripts by default. “NoScript” allows the execution of JavaScripts, Java, and other plugins only on trusted domains of your choice. You can find information and instructions on how to edit this function from your browser provider (e.g., for Mozilla Firefox at: https://addons.mozilla.org/de/firefox/addon/noscript/).
Please note that disabling cookies can limit the functionality of our website.
Change Cookie Settings
You can revoke or modify your cookie settings at any time. To do so, access the cookie settings again through our integrated fingerprint, which you can find at the bottom right of the website at any time
12. Data Disclosure and Recipients
Transmission of your personal data to third parties does not occur, except
- When we have explicitly indicated it in the description of the respective data processing,
- When you have given explicit consent according to Article 6 (1) lit. a GDPR,
- When disclosure is necessary under Article 6 (1) lit. f GDPR for the establishment, exercise, or defense of legal claims, and there is no reason to believe that you have an overriding legitimate interest in not disclosing your data,
- In cases where there is a legal obligation for disclosure under Article 6 (1) lit. c GDPR, and
- When disclosure is necessary for the performance of a contract with you under Article 6 (1) lit. b GDPR
Furthermore, we use external service providers for the execution of our services. These providers have been carefully selected, contractually commissioned, and, where necessary, have entered into data processing agreements according to Article 28 GDPR. They are bound by our instructions and are regularly monitored by us. These service providers include, among others, hosting services, email delivery, as well as maintenance and upkeep of our IT systems. These service providers will not disclose this data to third parties.
13. Data Security
We implement appropriate technical and organizational measures in accordance with Article 32 of the GDPR, considering the state of the art, implementation costs, the nature, scope, context, and purposes of processing, as well as the varying likelihood and severity of risks to the rights and freedoms of individuals. These measures are designed to ensure an appropriate level of protection in line with the associated risks. For security and to safeguard the transmission of confidential content, this website utilizes SSL encryption.
14. Duration of Personal Data Storage
The duration of storing personal data is determined by applicable legal retention periods (e.g., based on commercial and tax law). After the respective retention period has expired, the corresponding data will be routinely deleted. If data is necessary for contract fulfillment or initiation, or if we have a legitimate interest in retaining it, the data will be deleted when it is no longer needed for these purposes or when you have exercised your right to revoke or object.
15. Your Rights
Below, you will find information about the data subject rights granted to you under the applicable data protection law in relation to the processing of your personal data by the data controller:
The right to request information according to Article 15 GDPR about the personal data we process concerning you. In particular, you can obtain information about the processing purposes, the categories of personal data, the categories of recipients to whom your data has been or will be disclosed, the envisaged storage duration, the existence of the right to rectification, erasure, restriction of processing, or objection, the existence of a right to lodge a complaint, the source of your data if it was not collected by us, and the existence of automated decision-making, including profiling, and meaningful information about the logic involved.
The right to request without undue delay the rectification of inaccurate or completion of your personal data stored by us according to Article 16 GDPR.
The right to request the erasure of your personal data stored by us according to Article 17 GDPR, unless the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise, or defense of legal claims.
The right to request the restriction of processing of your personal data according to Article 18 GDPR if the accuracy of the data is contested by you, the processing is unlawful, but you oppose its erasure, and we no longer need the data but you require it for the establishment, exercise, or defense of legal claims, or you have objected to processing pursuant to Article 21 GDPR.
The right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format, or to request the transmission to another controller according to Article 20 GDPR.
The right to lodge a complaint with a supervisory authority according to Article 77 GDPR. As a rule, you can contact the supervisory authority at the location of our registered office, or your habitual residence, or place of work.
The right to withdraw your consent according to Article 7 (3) GDPR: You have the right to revoke consent once given for the processing of data at any time with effect for the future. Upon revocation, we will promptly delete the affected data, provided that further processing cannot be based on a legal basis for processing without consent. The legality of processing based on consent until revocation remains unaffected by the revocation.
Right to Object
If your personal data is processed by us based on legitimate interests according to Article 6 (1) lit. f GDPR, you have the right according to Article 21 GDPR to object to the processing of your personal data, provided that there are reasons arising from your particular situation. If the objection is directed against the processing of personal data for the purpose of direct marketing, you have a general right to object without having to provide specific reasons.
If you would like to exercise your right to withdraw or object, a simple email to info@b4dynamics.com is sufficient.
16. Legal Obligations
The provision of personal data for the decision on concluding a contract, contract fulfillment, or the implementation of pre-contractual measures is voluntary. However, we can only make decisions within the scope of contractual measures if you provide such personal data that is necessary for contract conclusion, contract fulfillment, or pre-contractual measures.
17. Automated Decision-Making
Automated decision-making or profiling according to Article 22 GDPR does not take place.
II. Data Protection Information for Customers, Prospects, and Business Partners
1. Purposes and Legal Bases of Processing
We process your personal data in accordance with the provisions of the European General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG), to the extent that it is necessary for the establishment, execution, fulfillment of contracts, as well as for the implementation of pre-contractual measures. If the processing of personal data is necessary for the initiation or execution of a contractual relationship or as part of pre-contractual measures, the processing is lawful under Article 6 (1) lit. b GDPR. If you grant us explicit consent for the processing of personal data for specific purposes (e.g., sharing with third parties, evaluation for marketing purposes, or promotional contact via email), the lawfulness of this processing is based on your consent under Article 6 (1) lit. a GDPR. A given consent can be revoked at any time with effect for the future. If necessary and legally permissible, we process your data beyond the actual contract purposes to fulfill legal obligations in accordance with Article 6 (1) lit. c GDPR. Furthermore, processing may occur to protect our or third parties’ legitimate interests, as well as for defense and enforcement of legal claims under Article 6 (1) lit. f GDPR. If applicable, we will inform you separately about the legitimate interest, as required by law.
2. Categories of Personal Data
We only process data that is relevant to the establishment of the contract or pre-contractual measures. This may include general information about you or individuals within your company (name, address, contact details, etc.), as well as any additional data you provide us during the contract initiation process.
3. Sources of Data
We process personal data that we receive from you during contact or contract initiation, or through the use of our website forms.
4. Recipients of the Data
Within our company, we only share your personal data with departments and individuals who require the data to fulfill contractual and legal obligations or to implement our legitimate interests. Your personal data is processed on our behalf based on data processing agreements according to Article 28 GDPR. In these cases, we ensure that the processing of personal data is in compliance with the provisions of the GDPR. The categories of recipients in these cases include internet service providers, as well as providers of customer management systems and software. Data may be shared with recipients outside the company only if permitted or required by legal regulations, if the sharing is necessary for the contract’s fulfillment or pre-contractual measures at your request, if we have your consent, or if we are legally obligated to provide information. Under these circumstances, recipients of personal data may include:
- External tax consultant
- Public authorities and institutions (e.g., public prosecutor’s office, police, supervisory authorities, tax authorities) in cases of legal or regulatory obligations,
- Recipients to whom sharing is directly necessary for the establishment or fulfillment of contracts, such as Microsoft employees or employees of other project-related software providers.
5. Transfer to a Third Country
Transfer to a third country is not intended.
6. Duration of Data Storage
As required, we process and store your personal data for the duration of our business relationship or for the fulfillment of contractual purposes. This includes, among other things, the initiation and execution of a contract. Furthermore, we are subject to various retention and documentation obligations, which result, among other things, from the Commercial Code (HGB) and the Fiscal Code (AO). The prescribed periods for retention or documentation there range from two to ten years. Finally, the storage period also depends on the statutory limitation periods, which, for example, according to §§ 195 ff. of the Civil Code (BGB), are usually three years, but in certain cases can extend up to thirty years.
7. Your Rights
You can refer to the “Your Rights” section in point 16 above in our website privacy policy for your rights.
8. Necessity of Providing Personal Data
The provision of personal data for the decision on entering into a contract, contract fulfillment, or the execution of pre-contractual measures is voluntary. However, we can only make a decision within the scope of contractual measures if you provide such personal data that is necessary for the conclusion of the contract, contract fulfillment, or pre-contractual measures.
9. Automated Decision-Making
For the establishment, fulfillment, or execution of the business relationship, as well as for pre-contractual measures, we generally do not use fully automated decision-making according to Art. 22 GDPR. Should we use such procedures in individual cases, we will inform you separately or obtain your consent, if required by law.
III. Social Media Privacy Policy: Our Social Media Profiles
1. Introduction and General Information about Data Processing
The protection of your personal data is of great importance to us. In the following, you will find information about how we handle your data collected through your use of our social media profiles on social networks and platforms. The processing of your data is carried out in accordance with legal regulations.
1.1. General Information about the Responsible Party
b4dynamics operates profiles or “fan pages” on various social media platforms. For the processing of your personal data in connection with your visit to our profile or fan page on the platforms Facebook and LinkedIn, b4dynamics GmbH is jointly responsible with the operators of the respective platform mentioned under 1., provided they provide us with aggregated information about visitors to our fan page or profile (“Insights”). Detailed information about the scope of processing under joint responsibility related to the respective providers is provided in the second section of this privacy policy.
1. Joint Responsibility
For Facebook, the platform operator is: Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour Dublin 2, a subsidiary of Meta Platforms, Inc., 1601 Willow Rd Menlo Park, CA 94025-1452, USA.
For the LinkedIn platform, the operator is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland, a subsidiary of LinkedIn Corporation, 1000 W Maude Ave Sunnyvale, CA, 94085-2810 USA.
We have entered into an agreement under Article 26 GDPR regarding joint responsibility for the processing of your personal data (Controller Addendum) with the operators. This agreement specifies which data processing activities we or the respective operator are responsible for when you visit our fan page or profile on the platform of the respective operator. You can view this agreement at the following links:
Facebook: https://www.facebook.com/legal/terms/page_controller_addendum
LinkedIn: https://legal.linkedin.com/pages-joint-controller-addendum
2. Independent Responsibility of Platform Providers
If your personal data is processed by the social media platform providers listed below, this processing is carried out under the independent responsibility of the platform operator according to Article 7 No. 4 GDPR. For asserting your data subject rights, we would like to point out that these rights can be most effectively exercised with the respective platform providers. Only they have access to the data collected from you. If you still require assistance, please feel free to contact us at any time.
XING SE, Dammtorstraße 29-32, 20354 Hamburg, Deutschland
LinkedIn GmbH, Sendlinger Str. 12 80331 Munich
Instagram, Caffamacherreihe 7, 20355 Hamburg
Facebook GmbH, Caffamacherreihe 7 20355 Hamburg
YouTube, ABC-Straße 19 20354 Hamburg
3. Independent Responsibility of XING SE, LinkedIn, Instagram, Facebook, YouTube
For the processing of your personal data in the cases mentioned under 1.4. to 1.7., which is not carried out by the operators mentioned under 1.1.2., XING SE, LinkedIn, Instagram, Facebook, or YouTube are solely responsible.
1.2. Data Disclosure and Recipients, Data Transfer to Third Countries
If b4dynamics transfers personal data to the providers of social media platforms, the latter are recipients of the data within the meaning of Article 4 No. 9 GDPR. Since the visit and interaction with the social media platforms we use involve the transmission of personal data to the USA, additional safeguards are necessary to ensure the level of data protection required by the GDPR. To ensure this, we have agreed on standard data protection clauses pursuant to Article 46(2)(c) GDPR with the providers of all social media platforms we use. These clauses obligate the data recipients in the USA to process the data in accordance with the level of protection in Europe.
In cases where providers process your personal data under their own responsibility, we have no influence on the processing of this data by the provider and their handling of such data (at least after the data has been transmitted). For further information, please review the privacy policy of the respective provider and use the opt-out/personalization options regarding data processing by the provider, if necessary:
XING – Privacy Policy: https://privacy.xing.com/de/datenschutzerklaerung Opt-Out: https://nats.xing.com/optout.html?popup=1&locale=de_DE XING setzt laut der Datenschutzerklärung Standarddatenschutzklauseln ein, um ein angemessenes Datenschutzniveau nach den Vorgaben der DSGVO für die Datenübermittlung in die USA oder andere Drittländer außerhalb der EU sicherzustellen: https://privacy.xing.com/de/datenschutzerklaerung/wer-erhaelt-daten-zu-ihrer-person/drittlaender
LinkedIn – Privacy Policy: https://de.linkedin.com/legal/privacy-policy LinkedIn uses standard contractual clauses, as stated in the privacy policy, to ensure an adequate level of data protection in accordance with the requirements of the GDPR for the transfer of data to the USA or other third countries outside the EU: https://de.linkedin.com/legal/privacy-policy
Instagram – Privacy Policy: https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect According to the privacy policy, Instagram uses standard contractual clauses to establish an adequate level of data protection in accordance with GDPR requirements for the transfer of data to the USA or other third countries outside the EU: https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect
Facebook – Privacy Policy: https://www.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0 According to the privacy policy, Facebook uses standard contractual clauses to ensure an adequate level of data protection as per GDPR requirements for the transfer of data to the USA or other third countries outside the EU: https://www.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0
YouTube – Privacy Policy: https://policies.google.com/privacy According to the privacy policy, YouTube uses standard contractual clauses to ensure an adequate level of data protection as per GDPR requirements for the transfer of data to the USA or other third countries outside the EU: https://policies.google.com/privacy
1.3. Access to and Storage of Information on End Devices (Cookies)
When you access our Facebook fan page or our other social media presences, one or more cookies are set on your end device by the platform provider. Cookies are small text files that are either temporarily stored for the duration of a session (session cookies) or stored permanently (persistent cookies) on your end device. Session cookies are automatically deleted after your visit ends. Persistent cookies remain stored on your end device until you delete them manually or an automated solution by your web browser occurs.
Cookies have various functions. Many cookies are technically necessary as certain website functions would not work without them (e.g., the shopping cart function or language settings). Other cookies are used to analyze user behavior or display advertisements.
By interacting with our Facebook fan page or other social media presences, there may be access to information (e.g., your IP address) or storage of information (e.g., cookies) on your end devices. This access or storage may involve further processing of personal data under the scope of the GDPR.
The activity or validity period of cookies can vary significantly, but you can manually delete them at any time using your web browser settings. For technical questions regarding this, please consult your web browser’s manufacturer. Further information about the use of cookies and its legal basis can be found in the respective privacy policy of the provider. Links to the respective privacy policies can be found above under the section “Data Disclosure and Recipients.” For further inquiries on this matter, please contact the respective social media platform provider directly.
1.4. Data Processing for Market Research and Advertising Purposes
In general, personal data on the company’s page is processed by the provider of the social media platform for market research and advertising purposes. For this purpose, a cookie is set in your browser, allowing the respective provider to recognize you when you visit a website. Additionally, the provider extensively analyzes your interactions on the social media platform. Usage profiles can be created based on the collected data. These profiles are used to display advertisements both within and outside the platform that are presumed to match your interests. Furthermore, data can be stored in the usage profiles independently of the devices you use. This is typically the case if you are a member of the respective platforms and logged in. Further information on this can be found in the privacy information of the respective provider.
When you visit or interact with our social media presence, we may receive personal data from you that, unlike the cases mentioned in section 2 of this privacy policy, we also process in our own responsibility in addition to the provider. This can include information that you actively provide (e.g., comments and information you publicly provide such as your profile picture or name).
Collection of Information about who has viewed our Social Media Presence: Depending on the provider and your settings on the platform of the provider, we may also be informed about who has accessed our presence or page within the platform. The LinkedIn provider provides us with information about which LinkedIn user has visited our LinkedIn presence. This information is provided to us by LinkedIn indefinitely and without time limitations.
Our access to the mentioned data results from the operation of our social media presence; further processing of this data by us does not occur except in the cases mentioned in this privacy policy. We have a legitimate interest in the operation of our social media presence and the associated processing of personal data that you actively publish or provide to us, according to Art. 6(1)(f) of the GDPR. Our legitimate interest lies in advertising communication as well as in providing an effective means of communication and interaction with our company.
1.5. Data Processing when Contacting Us
We collect personal data ourselves when you, for example, contact us via a contact form or through a messenger service of the respective platform, such as the Facebook Messenger. The data collected depends on the information you provide as well as the contact details you provide or authorize. These data will be stored for the purpose of processing your inquiry and for follow-up questions. The legal basis for processing the data is our legitimate interest in responding to your request according to Art. 6(1)(f) of the GDPR, as well as Art. 6(1)(b) of the GDPR, if your inquiry aims at concluding a contract. Your data will be deleted after the final processing of your request, unless there are legal retention obligations. We consider the processing as finalized if the circumstances indicate that the matter in question has been conclusively clarified.
1.6. Data Processing for Contractual Execution
If your contact via a social network or another platform aims at concluding a contract for the delivery of goods or the provision of services with us, we process your data to fulfill the contract or to carry out pre-contractual measures or to provide the desired services. The legal basis for processing your data in this case is Art. 6(1)(b) of the GDPR. Your data will be deleted when they are no longer required for the execution of the contract or when it is determined that pre-contractual measures will not lead to a contract that corresponds to the purpose of the contact. Please note that even after the conclusion of the contract, it may be necessary to store personal data of our contractual partners in order to fulfill contractual or legal obligations.
1.7. Data Processing based on Consent
If you are asked by the respective platform providers to give consent for processing for a specific purpose, the legal basis for the processing is Art. 6(1)(a), Art. 7 of the GDPR. A given consent can be revoked at any time with effect for the future.
2. Processing in Joint Responsibility with the Social Media Platform Operator
2.1. Facebook Fan Page (Insights Functionality)
Data Processing Regarding “Page Insights” When Visiting Our Facebook Fan Page
When you visit our Facebook fan page, personal data about you is processed by both Facebook as the platform operator and b4dynamics as the fan page operator. To the extent that this data processing is related to the “Page Insights” functionality of Facebook (Meta Platforms Ireland Ltd. or Meta Platforms Inc.), we are jointly responsible with Facebook for this processing (Article 26(1) of the GDPR).
Page Insights (https://www.facebook.com/business/a/page/page-insights) is a function provided by Facebook that allows the operator b4dynamics of a Facebook fan page to obtain aggregated data about visitor interactions. Page Insights may be based on personal data collected in connection with visits or interactions of individuals on or with our page and related content. Please be aware of the personal data you share with us through Facebook. Your data may be processed for market research and advertising purposes, even if you are not logged into Facebook or do not have a Facebook account. For instance, user profiles can be created based on user behavior and derived interests. These user profiles can then be used to display advertisements within and outside the platforms that are presumed to match users’ interests. This data collection is done through cookies stored on your device. Furthermore, data in user profiles can also be stored independently of the devices used by users, especially when users are members of the respective platforms and are logged into them.
b4dynamics only receives aggregated data from Facebook, which does not allow conclusions to be drawn about individual persons. The processing of your personal data by b4dynamics is carried out for advertising or marketing purposes (e.g., increasing the reach and awareness of our fan page through targeted design of posts, evaluating the success of marketing campaigns).
The legal basis for processing your personal data in connection with your visit or interaction with our Facebook fan page is Article 6(1)(f) of the GDPR. We have a legitimate interest in using aggregated information about interactions with our Facebook fan page for advertising purposes.
For information about the purposes that Facebook pursues when processing your personal data and the legal basis for this data processing, please refer to Facebook’s privacy policy.
Please note that we do not have control over the data collection and further processing under Facebook’s responsibility. As a result, we cannot provide information about the extent, location, and duration of data storage by Facebook. Additionally, we cannot provide details about the extent to which Facebook complies with existing deletion obligations, the analyses and correlations made with the data by Facebook, and to whom Facebook’s data is disclosed.
For information about the processing of your personal data by Facebook for its own purposes, please refer to Facebook’s privacy policy: https://www.facebook.com/about/privacy/
Your rights as an affected person in data processing
As a visitor to the page, if you wish to exercise your rights (access, rectification, erasure, restriction, data portability, complaint to the supervisory authority, objection, or revocation), you can contact both Facebook and us. You can independently adjust your advertising settings in your user account. To do this, click on the following link and log in:
https://www.facebook.com/settings?tab=ads or http://www.youronlinechoices.com
Through Facebook settings, you can restrict the visibility of your Facebook account to us as well.
For more details, please refer to Facebook’s privacy policy: https://www.facebook.com/about/privacy/
Data Protection Officer of Facebook
To contact Facebook’s Data Protection Officer, you can use the online contact form provided by Facebook at the following link: https://www.facebook.com/help/contact/540977946302970
2.2. LinkedIn Presence
Data processing regarding “Page Insights” when visiting our LinkedIn presence
When you visit our LinkedIn presence, personal data about you is processed by LinkedIn as the platform operator, as well as by b4dynamics as the operator of our presence within the platform. To the extent that this data processing is carried out in connection with the Insights functionality of LinkedIn (LinkedIn Ireland Unlimited Company or LinkedIn Corporation), we are jointly responsible with LinkedIn (Article 26(1) GDPR).
LinkedIn Page Insights (https://legal.linkedin.com/pages-joint-controller-addendum) is a feature provided by LinkedIn that allows the operator b4dynamics of a LinkedIn presence to receive aggregated data about visitor interactions.
Within the context of the Page Insights function, LinkedIn analyzes your interaction with our LinkedIn presence and also utilizes the personal information you provide (professional activity, industry, country, etc.). The evaluated data is provided to us by LinkedIn, but only in aggregated form (meaning that LinkedIn does not provide us with specific information about individual users within this function, but rather only aggregated information). We use these aggregated data for the targeted presentation of our LinkedIn presence, as well as for its optimization in relation to the aforementioned advertising purposes.
We have a legitimate interest in pursuing these mentioned advertising purposes, and the processing of your data is based on Article 6(1)(f) GDPR.
For information on the purposes LinkedIn pursues with the processing of your personal data and the legal basis for this data processing, please refer to LinkedIn’s Privacy Policy.
Please note that we do not have control over the data collection and further processing that occurs under LinkedIn’s responsibility. Therefore, we cannot provide information about the extent, location, and duration of data storage by LinkedIn. Additionally, we cannot provide information about LinkedIn’s compliance with existing deletion obligations, the analyses and correlations conducted with the data by LinkedIn, and to whom LinkedIn shares the data.
Your rights as an affected person in data processing
If you, as a visitor of the page, would like to exercise your rights (access, rectification, erasure, restriction, data portability, complaint to the supervisory authority, objection or withdrawal), you can contact both LinkedIn and us. You can also restrict the visibility of your LinkedIn account towards us through the LinkedIn settings.
For further information about data processing by LinkedIn, please refer to LinkedIn’s Privacy Policy: https://www.linkedin.com/legal/privacy-policy
Data Protection Officer of LinkedIn
To contact LinkedIn’s Data Protection Officer, you can use the contact form provided at the link: https://www.linkedin.com/help/linkedin/ask/TSO-DPO
3. Storage Duration
The personal data collected by us will be deleted from our system when they are no longer necessary for the purposes initially specified at the time of collection or when you have exercised your right of withdrawal or objection. Legal retention periods remain unaffected. We have no influence over the storage duration of your data that is stored by social media providers for their own purposes. For details regarding the storage duration of such data, please refer directly to these providers.
4. Your Rights
You can find information about your rights in the section “Your Rights” in point 16 at the top of our website’s privacy policy.
IV. Reserved Right to Make Changes
We reserve the right to adjust or update this privacy policy as necessary, while adhering to applicable data protection regulations. This enables us to align the policy with current legal requirements and accommodate changes to our services, such as the introduction of new offerings. The most current version applies to your visit.
Effective Date of this Privacy Policy: May 9th, 2023
