Privacy Policy

The protection of personal data is very important to us. Therefore, personal data is processed in accordance with applicable European and national legal regulations.

You can, of course, revoke your consent(s) at any time with effect for the future. Please contact the data controller as per Section 1 to do so.

The following statement provides an overview of what type of data is collected, how this data is used and shared, what security measures we take to protect your data, and how you can obtain information about the information you have given us.

Legal basis for the processing of personal data: Where we obtain the data subject’s consent for processing personal data, Article 6( 1 )(a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis. When processing personal data necessary for the performance of a contract to which the data subject is a party, Article 6(1)(b) GDPR serves as the legal basis. This also applies to processing operations necessary for taking steps prior to entering into a contract. Where processing personal data is necessary for compliance with a legal obligation to which we are subject, Article 6(1)(c) GDPR serves as the legal basis. If processing is necessary for the purposes of the legitimate interests pursued by our company or a third party, and the interests or fundamental rights and freedoms of the data subject do not override those interests, then Article 6( 1 )(f) GDPR serves as the legal basis for the processing.

Data Erasure and Storage Period: The personal data of the data subject will be erased or blocked as soon as the purpose of storage no longer applies. Storage may also occur if this is provided for by European or national legislation in EU regulations, laws, or other provisions to which we are subject. Data will also be blocked or erased when a storage period prescribed by the aforementioned regulations expires, unless further storage of the data is necessary for the conclusion or performance of a contract .

The person in charge

(1) Name and address of the controller

The controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:

we empower you GmbH Altrottstraße 31 D-69190 Walldorf

Tel: +49 6227 / 38 10 24

Email: kontakt@we-empower-you.de Website: http://www.we-empower-you.de/

Definitions

This privacy policy is based on the terminology used by the European legislator when enacting the EU General Data Protection Regulation (hereinafter referred to as « GDPR »). This privacy policy is intended to be easily readable and understandable. To ensure this, the most important terms are explained below:

(a) Personal data means any information relating to an identified or identifiable natural person ( hereinafter referred to as ‘data subject’). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person .

(b) Data subject means any identified or identifiable natural person whose personal data are processed by the controller .

(c) Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection , recording, organisation, structuring, storage, adaptation or alteration , retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination , restriction, erasure or destruction.

(d) Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person ’s performance at work , economic situation, health, personal preferences, interests, reliability, behavior, location or movements .

(e) Pseudonymisation means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

(f) Controller or data controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its designation may be provided for by Union or Member State law.

(g) A processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller .

(h) A recipient is a natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether a third party or not. However , public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.

(i) A third party is a natural or legal person, public authority, agency or body other than the data subject, the controller, the processor and persons who, under the direct authority of the controller or processor , are authorised to process personal data.

(j) Consent means any freely given , specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

Provision of the website and creation of log files

(1) When you use the website for purely informational purposes, i.e., if you do not register or otherwise provide us with information, we automatically collect the following data and information from the computer system of the accessing computer each time the website is accessed:

a) Domain

b) IP address

c) Information about the browser type and version used

d) The user’s operating system

e) Date and time of access

f) Content of the requests (specific pages)

g) Amount of data transferred in each case

h) Language and version of the browser software

i) Names of downloaded files

The data is also stored in our system’s log files. This data is not stored together with other personal data of the user.

(2) The legal basis for the temporary storage of the log files is Article 6(1) (f) GDPR .

(3) The temporary storage of the IP address by the system is necessary in order to

a) To enable delivery of the website to the user’s computer. For this purpose, the user’s IP address must be stored for the duration of the session.

b) to optimize the content of our website and the advertising for it

c) to ensure the functionality of our information technology systems and the technology of our website

d) To provide law enforcement authorities with the information necessary for prosecution in the event of a cyberattack

The data is stored in log files to ensure the website’s functionality. We also use the data to optimize the website and to ensure the security of our IT systems. The data is not used for marketing purposes. These purposes constitute our legitimate interest in data processing pursuant to Art. 6 para. 1 sentence 1 lit. f) GDPR.

(4) The data will be deleted as soon as it is no longer required for the purpose for which it was collected – in this case, at the end of the usage process . If the data is stored in log files, this will be the case after seven days at the latest. Storage beyond this period is possible. In this case, the IP addresses will be deleted or anonymized so that it is no longer possible to identify the requesting client.

(5) The collection of data for the provision of the website and the storage of data in log files is essential for the operation of the website, therefore there is no possibility of objection.

Use of cookies

(1) This website uses cookies. Cookies are small text files that are sent from a web server to your browser as soon as you visit a website and stored locally on your device (PC, laptop, tablet, smartphone, etc.). They are stored on your computer and provide the website operator (i.e., us) with certain information. Cookies serve to make the website more user-friendly and secure, in particular to collect usage-related information such as the frequency and number of users of the pages, as well as user behavior on the site. Cookies do not harm your computer and do not contain viruses . This cookie contains a characteristic string (so-called cookie ID) that enables the browser to be uniquely identified when the website is visited again.

(2) We use cookies to make our website more user-friendly. Some elements of our website require that the requesting browser can be identified even after a page change. The following data is stored and transmitted in the cookies :

Decision whether the modal window is hidden

Decision on whether to hide the cookie information

The legal basis for the processing of personal data using cookies is Art. 6 para. 1 sentence 1 lit. f) GDPR.

(3) The purpose of using technically necessary cookies is to simplify your use of websites . Some functions of our website cannot be offered without the use of cookies. For these functions, it is necessary that the browser is recognized even after a page change. We require cookies for the following applications :

Hide the cookie notice and the info box

(4) Cookies remain stored even after the browser session ends and can be accessed again on subsequent visits to the website. However, cookies are stored on your computer and transmitted from there to our site. Therefore , you have full control over the use of cookies. If you do not wish to have your data collected via cookies , you can configure your browser settings to notify you when cookies are being set, to generally block cookies , or to delete cookies individually. Please note, however , that disabling cookies may restrict the functionality of this website. Session cookies are automatically deleted after you leave the website.

Registration for events – will be set up in the future

(1) We offer you the opportunity to register for our events on our website. For this, you must provide a valid email address, your title and name, and your company name so that we know who is registering and can process your registration. Providing further information is voluntary. Shortly before the event, we will send you a reminder email. We will not, as a matter of principle, share the data you provide with third parties unless we are legally obligated to do so or the disclosure is necessary for criminal or legal proceedings.

(2) We process your personal data in accordance with Article 6( 1 )(a) GDPR based on your freely given consent. We log the registration process (IP address and registration time) based on our legitimate interest pursuant to Article 6( 1 )(f) GDPR. This is necessary to provide you with a secure and legally compliant registration system. The transfer of data to our event partner is based on our legitimate interest pursuant to Article 6( 1 )(f) GDPR, as we can only offer you the event in cooperation with our partner in these cases.

(3) The collected personal data will be deleted as soon as it is no longer required for the purpose for which it was collected. If you have also consented to receiving further information in the future, we will delete your data if you withdraw your consent. We will delete your personal data in the aforementioned cases unless further processing of the data is necessary for exercising the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise, or defense of legal claims. We store unsubscribed email addresses for up to [number] years based on our legitimate interests in order to be able to prove previously given consent. In doing so, we ensure that the data is processed only for the purpose of defending against potential claims.

Disclosure of personal data to third parties

1. Links to external websites

This website contains links to external sites. We are responsible for our own content. We have no influence over the content of external links and are therefore not responsible for them; in particular, we do not endorse their content. If you are redirected to an external site, the privacy policy provided there applies. If you notice any illegal activities or content on this site, please feel free to inform us. In this case, we will review the content and take appropriate action (notice and takedown procedure ).

DATA PROTECTION POLICY REGARDING THE USE OF LINKEDIN

The data controller has integrated components of the LinkedIn Corporation into this website. LinkedIn is an internet-based social network that allows users to connect with existing business contacts and establish new ones. Over 400 million registered users in more than 200 countries use LinkedIn. This makes LinkedIn currently the largest platform for business contacts and one of the most visited websites in the world. The operating company of LinkedIn is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. For data protection matters outside the USA, LinkedIn Ireland , Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland , is responsible. Each time a user accesses a page on our website that contains a LinkedIn component (LinkedIn plug-in), this component causes the browser used by the data subject to download a corresponding representation of the component from LinkedIn. Further information about LinkedIn plug-ins can be found at https://developer.linkedin.com/plugins . As part of this technical process, LinkedIn receives information about which specific subpage of our website is visited by the data subject. If the data subject is logged into LinkedIn at the same time, LinkedIn recognizes, with each visit to our website and for the entire duration of the visit, which specific subpage of our website the data subject is viewing. This information is collected by the LinkedIn component and assigned by LinkedIn to the respective LinkedIn account of the data subject. If the data subject clicks a LinkedIn button integrated on our website, LinkedIn assigns this information to the data subject’s personal LinkedIn user account and stores this personal data. LinkedIn always receives information via the LinkedIn component that the data subject has visited our website if the data subject is logged into LinkedIn at the time of accessing our website; this occurs regardless of whether the data subject clicks the LinkedIn component or not. If the data subject does not want this information transmitted to LinkedIn, they can prevent this by logging out of their LinkedIn account before accessing our website. LinkedIn offers guest controls at https://www.linkedin.com/psettings/guest-controls

The option to unsubscribe from email messages, SMS messages, and targeted ads, as well as to manage ad settings. LinkedIn also uses partners such as Quantcast, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua, and Lotame, which may set cookies. These cookies can be rejected at https://www.linkedin.com/legal/cookie-policy . LinkedIn’s applicable privacy policy is available at https://www.linkedin.com/legal/privacy-policy . LinkedIn’s cookie policy is available at https://www.linkedin.com/legal/cookie-policy .

Audio and video conferences

Data processing

We use online conferencing tools, among other methods, to communicate with our customers. The specific tools we use are listed below. When you communicate with us via video or audio conference over the internet, your personal data will be collected and processed by us and the provider of the respective conferencing tool.

The conference tools collect all data that you provide/use to access the tools (email address and/or your phone number). Furthermore, the conference tools process the duration of the conference, the start and end times of your participation, the number of participants, and other contextual information related to the communication process (metadata). The tool provider also processes all technical data necessary for conducting the online communication. This includes , in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or speaker type, and the type of connection.

If content is exchanged, uploaded, or otherwise made available within the tool, it will also be stored on the tool provider’s servers. Such content includes, in particular, cloud recordings, chat/instant messages, voicemails, uploaded photos and videos, files, whiteboards, and other information shared during the use of the service.

Please note that we do not have full control over the data processing operations of the tools used. Our options are largely determined by the respective provider’s company policy. Further information on data processing by the conference tools can be found in the privacy policies of the respective tools, which we have listed below this text.

Purpose and legal basis

The conference tools are used to communicate with prospective or existing contractual partners or to offer certain services to our customers (Art. 6 para. 1 sentence 1 lit. b GDPR). Furthermore , the use of these tools serves to generally simplify and expedite communication with us or our company (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). Where consent has been requested, the use of the relevant tools is based on this consent; this consent can be revoked at any time with effect for the future.

Storage duration

The data we collect directly via video and conferencing tools will be deleted from our systems as soon as you request its deletion, withdraw your consent to its storage, or the purpose for data storage no longer applies. Stored cookies remain on your device until you delete them. Mandatory legal retention periods remain unaffected.

We have no control over how long your data is stored by the operators of the conference tools for their own purposes. For details, please contact the operators of the conference tools directly.

Conference tools used

We use the following conference tools:

Microsoft Teams

We use Microsoft Teams. The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. Details regarding data processing can be found in the Microsoft Teams privacy statement: https://privacy.microsoft.com/de-de/privacystatement .

Conclusion of a data processing agreement

We have concluded a data processing agreement with the provider of Microsoft Teams and fully implement the strict requirements of the German data protection authorities when using Microsoft Teams.

Web analytics using Google Analytics (with pseudonymization)

We use a service provided by Google LLC (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) on our website to analyze the browsing behavior of our users. The software places a cookie on your computer (see section 4 for more information on cookies). When individual pages of our website are accessed, the following data is stored:

Two bytes of the IP address of the user’s calling system

The requested website

Entry pages, exit pages,

The time spent on the website and the bounce rate

The frequency of visits to the website

Country of origin and regional origin, language, browser, operating system, screen resolution, use of Flash or Java

Search engines used and search terms used

The information generated by the cookie about users’ use of this website is usually transmitted to and stored on a Google server in the USA.

The legal basis for the processing of personal data is Art. 6 para. 1 sentence 1 lit. a) GDPR.

On our behalf, Google will use this information to evaluate your use of the website and to compile reports on website activity. By analyzing the data obtained, we are able to compile information about the use of individual components of our website. This helps us to continuously improve our website and its user-friendliness.

The data will be deleted as soon as it is no longer needed for our record-keeping purposes. In our case, this is after 18 months.

The cookies used are stored on your computer and transmitted from there to our website. If you do not agree to the collection and analysis of usage data, you can prevent this by adjusting your browser settings to disable or restrict the use of cookies. Cookies that have already been stored can be deleted at any time. However, in this case, you may not be able to fully utilize all the functions of this website. Furthermore, you can prevent Google from collecting and processing data generated by the cookie and related to your use of the website (including your IP address) by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de. You have the right to withdraw your consent to the processing of your personal data at any time. If you contact us by email, you can object to the storage of your personal data at any time. Regarding the revocation of consent/objection to storage, please contact the responsible party according to § 1 via email or post.

The responsible party is Google Ireland Ltd., Gordon House, 4 Barrow Street, Dublin, Ireland , Fax: +353 (1) 436 1001. Further information can be found in the Terms of Service at www.google.com/analytics/terms/de.html , in the Privacy Overview at www.google.com/intl/de/analytics/learn/privacy.html and in the Privacy Policy at www.google.de/intl/de/policies/privacy .

SSL encryption

This site uses SSL encryption for security reasons and to protect the transmission of confidential information, such as inquiries you send to us as the site operator. You can recognize an encrypted connection by the fact that the browser’s address bar changes from « http:// » to « https:// » and by the padlock icon in your browser’s address bar. When SSL encryption is activated, the data you transmit to us cannot be read by third parties.

Rights of the data subject

If your personal data is being processed, you are a data subject within the meaning of the GDPR and you have the following rights against the controller :

Right to information

Right to rectification

Right to restriction of processing

Right to erasure

Right to information

Right to data portability

Right to object to processing

Right to withdraw consent under data protection law

Right not to apply an automated decision

Right to lodge a complaint with a supervisory authority

Right to information

(1) You have the right to obtain from the controller confirmation as to whether or not personal data concerning you are being processed. Where that is the case, you have the right to obtain from the controller, at any time and free of charge, information about the personal data stored about you and the following information :

a) the purposes for which the personal data are processed;

b) the categories of personal data that are processed;

c) the recipients or categories of recipients to whom your personal data have been or will be disclosed ;

d) the planned duration of the storage of your personal data or, if specific information on this is not possible, criteria for determining the storage period;

e) the existence of a right to rectification or erasure of personal data concerning you, a right to restriction of processing by the controller or a right to object to such processing;

f) the existence of a right to lodge a complaint with a supervisory authority;

g) all available information about the source of the data if the personal data are not collected from the data subject ;

h) the existence of automated decision-making, including profiling, pursuant to Article 22(1) and (4) GDPR and – at least in those cases – meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

(2) You have the right to request information as to whether your personal data is being transferred to a third country or to an international organisation . In this context, you may request to be informed of the appropriate safeguards pursuant to Article 46 GDPR relating to the transfer .

Right to rectification

You have the right to immediate rectification and /or completion from the controller if the processed personal data concerning you is inaccurate or incomplete.

Right to restriction of processing

(1) Under the following conditions you may request the controller to immediately restrict the processing of your personal data :

a ) if you contest the accuracy of the personal data concerning you for a period enabling the controller to verify the accuracy of the personal data ;

b) the processing is unlawful and you object to the erasure of the personal data and instead request the restriction of the use of the personal data;

c ) the controller no longer needs the personal data for the purposes of processing, but you require them for the establishment, exercise or defence of legal claims , or

d ) if you have objected to the processing pursuant to Article 21(1) GDPR and it is not yet clear whether the legitimate grounds of the controller override your grounds .

(2) Where the processing of your personal data has been restricted, such data may – apart from being stored – only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State. If the restriction of processing has been imposed under the aforementioned conditions, you will be informed by the controller before the restriction is lifted.

Right to erasure

(1) You have the right to request that the controller erase personal data concerning you without undue delay where one of the following grounds applies :

a) The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.

b) You withdraw your consent on which the processing was based pursuant to Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a GDPR , and there is no other legal basis for the processing.

c ) You object to the processing pursuant to Article 21(1) GDPR and there are no overriding legitimate grounds for the processing , or you object to the processing pursuant to Article 21(2) GDPR.

d) Your personal data has been processed unlawfully.

e) The erasure of personal data concerning you is necessary for compliance with a legal obligation under Union or Member State law to which the controller is subject.

f) The personal data concerning you were collected in relation to information society services offered pursuant to Article 8(1) GDPR.

(2) Where the controller has made the personal data concerning you public and is obliged pursuant to Article 17(1) GDPR to erase them, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that you , as the data subject, have requested the erasure by such controllers of any links to, or copies or replications of, those personal data.

(3) The right to erasure does not apply to the extent that processing is necessary.

a) to exercise the right to freedom of expression and information;

b) for compliance with a legal obligation which requires processing under Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller ;

c) for reasons of public interest in the area of ​​public health pursuant to Art. 9 para. 2 lit. h and i and Art. 9 para. 3 GDPR;

d) for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes pursuant to Article 89(1) GDPR, insofar as the right referred to in point (a) is likely to render impossible or seriously impair the achievement of the objectives of that processing, or

e ) for the establishment, exercise or defense of legal claims .

Right to information

If you have asserted your right to rectification, erasure, or restriction of processing against the controller, the controller is obligated to communicate this rectification, erasure, or restriction of processing to all recipients to whom your personal data has been disclosed , unless this proves impossible or involves disproportionate effort. You have the right to be informed by the controller about these recipients .

Right to data portability

(1) You have the right to receive the personal data concerning you, which you have provided to the controller, in a structured, commonly used and machine-readable format. You also have the right to transmit those data to another controller without hindrance from the controller to whom the personal data have been provided, provided that

a) the processing is based on consent pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR or on a contract pursuant to Art. 6 para. 1 lit. b GDPR and

b) the processing is carried out using automated procedures.

(2) In exercising this right , you also have the right to have your personal data transmitted directly from one controller to another , where technically feasible. The rights and freedoms of other persons must not be adversely affected by this.

(3) The right to data portability shall not apply to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller .

(4) To exercise the right to data portability, the data subject may contact the controller at any time.

Right to object

(1) You have the right to object , on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) of the GDPR, including profiling based on those provisions .

(2) The controller shall no longer process the personal data concerning you unless he can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the purpose of establishing , exercising or defending legal claims .

(3) Where your personal data are processed for direct marketing purposes , you have the right to object at any time to the processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing. If you object to processing for direct marketing purposes, your personal data will no longer be processed for such purposes.

(4) You have the option, in connection with the use of information society services – notwithstanding Directive 2002/58/EC – to exercise your right to object by automated means using technical specifications .

(5) To exercise the right to object , the data subject may contact the controller directly .

Right to withdraw consent under data protection law

You have the right to withdraw your consent to data processing at any time. Withdrawing your consent does not affect the lawfulness of processing based on consent before its withdrawal . You can contact the data controller to do so.

Automated decision-making in individual cases, including profiling

(1) You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision

a) is necessary for the conclusion or performance of a contract between you and the controller,

b) is permitted under Union or Member State law to which the controller is subject and which contains appropriate measures to safeguard your rights and freedoms and legitimate interests or

c) with your express consent.

(2) However, these decisions may not be based on special categories of personal data as defined in Article 9(1) GDPR, unless Article 9(2)(a) or (g) GDPR applies and appropriate measures to safeguard your rights and freedoms and legitimate interests have been taken.

(3) In the cases referred to in (1) and (3), the controller shall implement suitable measures to safeguard the rights and freedoms and legitimate interests of the data subject, at least the right to obtain human intervention on the part of the controller, to express his or her point of view and to contest the decision .

(4) If the data subject wishes to exercise rights relating to automated decision-making , he or she may contact the controller at any time.

Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, your place of work, or the place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR. The supervisory authority with which the complaint has been lodged shall inform the complainant of the progress and the outcome of the complaint, including the possibility of a judicial remedy pursuant to Article 78 GDPR.

Changes to the privacy policy

We reserve the right to amend our privacy practices and this policy to adapt them to changes in relevant laws or regulations, or to better meet your needs. Any changes to our privacy practices will be announced here. Please note the current version date of the privacy policy.