When you visit our websites or our LinkedIn profile, your personal data is processed by us, by service providers and, with LinkedIn, also by third parties. We would like to explain below which personal data we and third parties commissioned by us collect and process, for what purpose they are collected, how long they are stored and who is responsible for data processing. At the end of the following information, you will also find explanations of the rights to which you are entitled as a data subject on the basis of the data processing.
If you have any questions about data protection and data processing, you can contact us at any time:
1. Person Responsible
This data protection notice applies to data processing by (the responsible party):
for our websites and profiles:
2. Collection and storage of personal data and the type and purpose of their use
a) When visiting the website: log files and cookies
About log files:
When you visit our website, the browser used on your device automatically sends information to our webserver. This information is temporarily stored in a so-called log file.
The following information is recorded without your intervention and stored until it is automatically deleted after 7 days, not later than 14 days:
- IP address of the requesting end device,
- date and time of access,
- name and URL of the retrieved file,
- website from which access is made (referrer URL),
- browser used and, if applicable, the operating system of your device and the name of your access provider.
The data mentioned are processed by us for the following purposes:
- to ensure a smooth connection establishment of the website,
- to ensure comfortable use of our website,
- evaluation of system security and stability,
- other administrative purposes.
The legal basis for data processing is Article 6 Paragraph 1 Letter f GDPR. Our legitimate interest follows from the data collection purposes listed above. Under no circumstances do we use the collected data for the purpose of drawing conclusions about your person. We do not combine it with other data.
About cookies and other tracking technologies:
No cookies are set.
And because this is the case, here is some general information on the subject of biscuits and cookies:
Cookies are known to be little treats that also like to help increase hip gold, especially around the Christmas season. Fortunately, cookies do not process any data – not even on the weight of the eater or the number of calories.
„Cookies“, on the other hand, are small text files that are stored and stored on your end device in the browser. This „delicacy“ in programming technology was developed in the early days of the Internet to give the Internet or websites a memory and to make Internet use more convenient. Without cookies, a website could not (and cannot) remember whether a visitor has visited the website before and whether, for example, certain entries, such as a registration or a shopping cart, have already been made or filled. This meant and means that a website without cookies could (and can) process all of the visitor’s input in just one step. Cookies are therefore neither good nor bad in general. This applies in any case if they are used according to the original purpose.
The term „cookies“ was coined instead of the less catchy term „persistent client state object“ by the inventor of the technology Lou Monelli (1994; cf. also the New York Times article of 09/04/2001, Section A, Page 1 of the National edition with the headline : Giving Web a Memory Cost Its Users Privacy by John Schwartz) in practice. The term „cookies“ as it is used today is based on the code snippets originally referred to as „magic cookies“, which computers exchanged for identification purposes, for example. The cookie is nothing else in its basic function: HTTP cookies that „remember“ the language and font size or design of the website when visiting the site so that they can be used again with these settings the next time they visit to display. However, instead of using names for identification, session IDs are created which have no identifying value outside of the application system of the website that created them (cf. the code numbers in auctions or cloakroom tokens in the theatre).
Naturally, HTTP cookies will continue to be used with their basic function. The data protection notices of websites therefore contain notices such as: PHPSESSID – session ID cookie is deleted after the session has ended.
However, the use of this basic function in networks of websites is problematic in terms of data protection law, i.e. not only the issuing website recognizes and uses the cookie and the session ID, but also this session ID from several websites (cross-site) due to cooperation between websites can be recognized and used. „Third-party cookies“ or „tracking cookies“ are then used for this purpose. At the end of the day, this leads to so-called cross-tracking of the visitor to a website and, for example, to the „display of personalized advertising“ also, for example, in advertising banners on other websites. Cookies are not the only techniques that can be used for cross-site tracking, i.e. not every tracking can be prevented by switching off/blocking the setting of cookies in the browser (e.g. canvas fingerprinting).
There are also persistent cookies and session cookies. Session cookies are short-lived cookies that are deleted after closing the browser. Persistent cookies are called persistent if they remain stored in your browser/end device for a longer period of time. The person responsible can usually control and adjust the storage period. The longest storage period should not be more than 14 months.
However, if cookies are actually used, you can set your browser so that you are informed about the setting of cookies and decide individually whether to accept them or exclude the acceptance of cookies for certain cases or in general. Each browser differs in the way it manages cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings. You can find such information and instructions for the respective browser, for example, under the following links or if you enter the terms „cookie settings + browser“ in an Internet search engine of your choice:
- Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen
- Chrome: https://support.google.com/chrome/answer/95647?hl=de&hlrm=en
- Safari: https://support.apple.com/de-de/guide/safari/sfri11471/12.0/mac/10.14
- Opera: https://help.opera.com/de/latest/web-preferences/#cookies
If cookies are not accepted, the functionalities of websites such as online shops (registration and shopping cart) may actually be restricted.
b) When subscribing to our newsletter
If you have given your express consent in accordance with Article 6(1)(a) GDPR, we will use your e-mail address to send you our newsletter on a regular basis. Providing an e-mail address is sufficient to receive the newsletter.
You can unsubscribe at any time, for example via a link at the end of each newsletter. Alternatively, you can send your unsubscribe request (revocation) at any time to firstname.lastname@example.org by e-mail.
c) When you contact us
If you have any questions about data processing or our services, we offer you the option of contacting us either via a form provided on the website or simply by e-mail to email@example.com. It is necessary to provide your name, your valid e-mail address and a brief description of your request (arrange an appointment; request a callback; specific questions etc.), so that we know who sent the request and so that we can also process your request . Further information can be provided voluntarily and will help us to process your request more effectively.
Data processing for the purpose of contacting us takes place in accordance with Article 6 Paragraph 1 Letter a GDPR on the basis of your voluntarily given consent.
The personal data collected by us for the use of the contact form will be automatically deleted after the request you have made has been accomplished.
d) When you visit our LinkedIn/Xing profile via our websites
We only set links on our websites to make it easy to find our LinkedIn profile at https://de.linkedin.com/company/protadus-gmbh or our Xing profile at https://www.xing.com/pages/protadus-gmbh. A direct connection to LinkedIn (a US subsidiary in the EU) is not automatically established when you visit our website.
In addition, you can click on the link to our profile in the LinkedIn network if you agree to the information on data processing by LinkedIn.
e) When you visit our LinkedIn profile and Page Insights
Use and communication among members
As a LinkedIn member, we process your comments and messages and social actions („likes“) you provide to us as a LinkedIn member within the LinkedIn network and the technical environment of the network specified by LinkedIn in order to communicate with you where appropriate, at your request, to get in touch and exchange social actions and/or messages.
If you visit, follow or engage with our LinkedIn presence as a LinkedIn member, LinkedIn Ireland Unlimited Company (hereinafter: LinkedIn) and its affiliated companies will process personal data in order to provide you with insights into LinkedIn. In particular, LinkedIn processes data that you have made available to LinkedIn as a member, such as function, country, industry, length of service, company size and data on employment status from your profile as a member. In addition, LinkedIn processes information about how a member has interacted with our company page, e.g. whether a member is a follower.
- User Agreement | LinkedIn https://www.linkedin.com/legal/user-agreement
- Cookie table (linkedin.com) https://de.linkedin.com/legal/l/cookie-table?
- Data transfer from the EU, EEA and Switzerland | LinkedIn Help https://www.linkedin.com/help/linkedin/answer/62533
You will also be redirected to the LinkedIn website if you click on the above links. In this respect, LinkedIn is responsible for data processing.
About Page Insights
However, we essentially reproduce the information provided there in English again below: The so-called page insights provided to us are data aggregated by LinkedIn. However, LinkedIn will not provide us with any personally identifiable information about individual members in relation to Page Insights or enable us to link Page Insights and collected data with individual members. We are therefore only responsible for this data from LinkedIn Page Insights, which has been anonymized for us. Incidentally, LinkedIn is responsible for page insights and the associated data processing. LinkedIn alone guarantees the security of the processing of member data and the provision of page insights through appropriate technical and organizational measures; more information is available through LinkedIn here:
As a LinkedIn member, you can exercise your data subject rights via your account settings or by contacting LinkedIn directly. Data transfer to third countries LinkedIn also transfers data from the European Union (EU), the European Economic Area (EEA) and Switzerland to the United States of America (USA) and back. LinkedIn relies on Standard Contractual Clauses approved by the European Commission as a legal instrument for data transfers from the European Union (e.g. between LinkedIn Ireland Unlimited Company or its customers and LinkedIn Corporation in the USA; https://ec.europa.eu/ info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en). The LinkedIn data centers for storing its members‘ information are currently located in the United States. More information can be found here:
f) When you visit our Xing presence
Generally, New Work SE (Germany/EU) is solely responsible for the processing of personal data when you visit our XING profile https://www.xing.com/pages/protadus-gmbh. Further information about the processing of personal data by New Work SE can be found at https://privacy.xing.com/de/datenschutzerklaerung.
3. Recipients of Data
For the technical implementation of our websites, we use processors who help us to host, maintain and service the website so that the security of the website is guaranteed. These processors are based in the EU, mostly in Germany. It cannot be ruled out that these processors will have access to the data collected via the website.
A transfer of your personal data to third parties does not take place, unless:
- you have given your express consent to this in accordance with Article 6 (1) (a) GDPR,
- the disclosure pursuant to Article 6 (1) (f) GDPR is in our or your overriding legitimate interest or the legitimate interest of a third party and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data,
- the disclosure is required in accordance with Article 6 (1) (f) GDPR to assert, exercise or defend legal claims,
- in the event that there is a legal obligation for the transfer according to Art. 6 Para. 1 lit. c DSGVO, as well as
- this is permitted by law and required for the processing of contractual relationships with you in accordance with Article 6 (1) (b) GDPR.
We do not actively transfer data to third countries. With regard to the transfer of data from LinkedIn to third countries, we refer to our instructions under 2 e).
4. Data subject rights
As a data subject, you have the rights:
- to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can obtain information about the processing purposes, the category of personal data, the categories of recipients to whom your data was or will be disclosed, the planned storage period, the existence of a right to correction, deletion, restriction of processing or objection, the existence of a Right to complain, the origin of your data, if not collected from us, and the existence of automated decision-making including profiling and, if necessary, meaningful information about their details;
- in accordance with Art. 16 GDPR, to immediately request the correction of incorrect or incomplete personal data stored by us;
- According to Art. 17 GDPR, to request the deletion of your personal data stored by us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims is required;
- pursuant to Art. 18 GDPR, to request the restriction of the processing of your personal data if you dispute the accuracy of the data, the processing is unlawful, but you refuse to delete it and we no longer need the data, but you use them to assert, exercise or defense of legal claims or you have objected to the processing pursuant to Art. 21 GDPR;
- in accordance with Art. 20 GDPR, to receive a copy of your personal data that you have provided to us in a structured, common and machine-readable format or to request transmission to another person responsible;
- pursuant to Art. 7 Para. 3 GDPR, to revoke your consent once given to us at any time. As a result, we are no longer allowed to continue the data processing based on this consent for the future (right of withdrawal). If you would like to make use of your right of revocation or objection, an e-mail to: firstname.lastname@example.org or email@example.com is sufficient;
- to complain to a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or work or our headquarters.
5. Right to object
If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) lit. f GDPR, you have the right to object to the processing of your personal data pursuant to Art 21 DSGVO if there are reasons resulting from your particular situation or if the objection is against direct advertising. In the latter case, you have a general right of objection, which we will observe without specifying a particular situation or reason.
If you would like to make use of your right of revocation or objection, an e-mail to: firstname.lastname@example.org or email@example.com is sufficient.