PRIVACY
POLICY

PIA Media

The regulations of the EU General Data Protection Regulation (hereinafter referred to as DS-GVO) apply throughout Europe. We would like to inform you about the processing of personal data carried out by our company in accordance with this regulation (compare Articles 13 and 14 DS-GVO). If you have any questions or comments about this data protection declaration, you can send them at any time to the e-mail address given in section 1.2 or 1.3.

1. Overview

In this section of the data protection declaration you will find information on the scope, the person responsible for data processing and his or her data protection officer.

1.1 Scope

On this page, we inform you about the type, scope and purpose of the personal data collected by PIA Media GmbH, PIA Media MUC GmbH, PIA Media DUS GmbH, which are processed both when you visit this website and during other processing under our responsibility that is not related to this website.

1.2 Controller

The person responsible for data processing – i.e. the person who decides on the purposes and means of processing personal data – in connection with the processing is:

PIA Media GmbH
Gorch-Fock-Wall 1a
20354 Hamburg
Telefon: +49 (0)401888 112 0
E-Mail: info@performance-media.de

PIA Media MUC GmbH
Erika-Mann-Str. 63
80636 München
Telefon: +49 (0)89 540 469 0
E-Mail: kontakt@bluesummit.de

PIA Media DUS GmbH
Nordstraße 118
40477 Düsseldorf
Telefon: +49 (0)221 43717-0
E-Mail: info@digital-media.de

1.3 Data protection officer

You can contact our data protection officer as follows:

Contact form: https://www.dsextern.de/anfragen

DS EXTERN GmbH

Dipl.-Kfm. Marc Althaus

Frapanweg 22

D-22589 Hamburg

 

2. The data processing in detail

In this section of the data protection declaration, we will inform you in detail about the processing of personal data. For the sake of clarity, we have broken down this information according to certain functionalities.

2.1 General information on data processing

Unless otherwise stated, the following applies to all processing shown:

2.1.1 No obligation to provide

There is no legal obligation to provide personal data. You are not required to be data controllers.

2.1.2 Consequences of non-provision

If data is required (data that are marked as mandatory when entered), the failure to provide the service in question may not be performed. Otherwise, the non-provision may mean that our services cannot be provided in the same form and quality.

2.1.3 Transmission to government authorities

We only transmit personal data to state authorities (including law enforcement authorities) if this is necessary to fulfill a legal obligation to which we are subject (legal basis: Art. 6 Para. 1 c) GDPR) or to assert, exercise or defend against Legal claims is required (legal basis Art. 6 Para. 1 f) GDPR).

2.1.4 Storage period

We do not store your data longer than we need to store it for the respective processing purposes. If the data is no longer required, it is regularly deleted, unless it is still necessary to store it for a limited period. Reasons for this can be, for example:

  • The fulfillment of commercial and tax retention obligations
  • Obtaining evidence for legal disputes within the framework of the statutory statute of limitations

2.1.5 Categories of Recipients

In addition to the recipient categories explicitly listed below, personal data is also transmitted to the following categories of recipients: IT service providers, telephone and fax providers.

2.1.6 Data categories

  • Account data: login / user ID and password
  • Personal master data: title, salutation / gender, first name, last name, date of birth
  • Address data: street, house number, if necessary additional addresses, zip code, city, country
  • Contact details: telephone number (s), fax number (s), email address (es)
  • Login data: information about the service through which you logged in; Times and technical information on registration, confirmation and deregistration; the data you provided when registering
  • Order data: ordered products, prices, payment and delivery information
  • Payment details: account details, credit card details, details on other payment services such as PayPal
  • Access data: date and time of your visit to our service; the page from which the accessing system HAS reached our page; at the visited pages; Session identification data (session ID); In addition, the following information from the accessing computer system: uses the Internet protocol address (IP address), browser type and version, device type, operating system and similar technical information.
  • Application data: curriculum vitae, references, evidence, work samples, certificates, pictures, videos
  • Data according to item no. 9 GDPR: data showing racial and ethnic origin, political opinions, religious or ideological convictions or trade union membership, as well as genetic data, biometric data for the unambiguous identification of a natural person, health data or data on sex life or sexual orientation of a natural person.

2.2 Accessing the website

This describes how we process your personal data when you visit the website.

2.2.1 Information on processing

Datacategory

intended purpose

Legal basis

possibly legitimate interest

Storage period

Access data

Establishing a connection, displaying the content of the service, detecting attacks on our site based on unusual activities, diagnosing errors

Preservation of legitimate interests (Art. 6 Paragraph 1f GDPR)

Proper functioning of the services, security of data and business processes, prevention of misuse, prevention of damage caused by interference with information systems

7 days

User Consent Data

User Consent Management and in particular the storage and management of choices made by the visitor regarding the use or non-use of tools when visiting this website

Fulfillment of a legal obligation (Art. 6 Para. 1c GDPR)

3 years

 

2.2.2 Recipients of the personal data

Recipient category

Affected data

Legal basis for the transfer

possibly legitimate interest

Hosting provider

Access data

EU standard contract with additional guarantees

User Consent Management Plattform

User Consent Data

Consent (Art. 6 Para. 1a GDPR)

Tag Management Plattform

Aggregated data to trigger tags

Consent (Art. 6 Para. 1a GDPR)

Tracking & Analytics Plattform

Access data

Consent (Art. 6 Para. 1a GDPR)

Webfonts Plattform

Access data

Consent (Art. 6 Para. 1a GDPR)

Translation Plattform

Access data

Consent (Art. 6 Para. 1a GDPR)

2.2.3 Content providers who transmit data to third countries

recipient

functionality

Data categories

If necessary, adequacy decision (Art. 45 GDPR)

If necessary, suitable guarantees (Art. 46 GDPR)

Amazon Web Services

Provision of the infrastructure

Access data

EU standard contract with additional guarantees

2.2.4 Tracking to analyze and optimize our services and their use

In the following, we describe how your personal data is processed using tracking technologies to analyze and optimize our services.

The description of the tracking process also contains information on how you can prevent or object to data processing. Please note that the so-called „opt-out“, i.e. the rejection of processing, is usually saved via cookies. If you use our services via a new device or in a different browser, or if you have deleted the cookies set by your browser, you must declare your rejection again.

The tracking procedures shown process personal data only in pseudonymous form. A connection with a specific, identified natural person, i.e. a merging of the data with information about the bearer of the pseudonym, does not take place.

Purpose of processing: The analysis of user behavior by means of tracking helps us to check the effectiveness of our services, to optimize them and to adapt them to the needs of the users as well as to correct errors.

Legal basis for processing: Consent according to Art. 6 Para. 1 lit. a GDPR

The tracking procedures used are described in the Consent Management Tool.

2.3 newsletter

We describe here what happens to your personal data in connection with a subscription to our newsletter:

2.3.1 Information on processing

Data category

Intended use

Legal basis

possibly legitimate interest

Storage period

E-mail address

Verification of the registration (double opt-in procedure), newsletter delivery

Consent (Art. 6 par. 1a DS-GVO

Newsletter subscription duration

Person master data

Newsletter personalization

Consent (Art. 6 par. 1a DS-GVO

Newsletter subscription duration

Login / logout data

Traceability of successful newsletter registration/confirmation/unsubscription

Safeguarding legitimate interests (Art. 6 para. 1f DS-GVO)

Proof of successful newsletter subscription/confirmation/unsubscription

Newsletter subscription duration (Logout data, unlimited to meet accountability requirements).

Login / logout data

Usage profile data newsletter / tracking

interest-oriented design of the newsletter

Consent (Art. 6 par. 1a DS-GVO

Newsletter subscription duration

2.3.2 Recipients of the personal data

Recipient category

Data affected

Legal basis of the transfer

Legitimate interest, if any

Newsletter provider

all data mentioned under 2.3.1

Order processing (Art. 28 DS-GVO)

2.3.3 Transfer of personal data to third countries

Recipient

Functionality

Data categories

If applicable, adequacy decision (Art. 45 DS-GVO)

 

Where applicable, appropriate safeguards, (Art. 46 DS-GVO)

none

2.4 Application

A wide range of career opportunities exist within our group of companies. In an ongoing application process, we process your personal data in the following ways:

We store your application documents with all the information you provide in them in the application pool of the PIA group of companies (https://pia.me ). The PIA companies use the application pool to find suitable candidates for vacant positions. Your data will be deleted 6 months after inclusion in the application pool or, in the case of consideration in a selection process, 6 months after completion of the selection process. Your application documents will only be passed on within the PIA group of companies; they will not be passed on to third parties.

2.4.1 Processing information

Data category

Purpose

Legal basis

Legitimate interest, if any

Storage time

Address data, contact details

Identification, contacting, communication for contract initiation

Contract (Art. 6 para. 1b DS-GVO)

6 months

Person master data

Identification, contact, age verification

Contract (Art. 6 para. 1b DS-GVO)

6 months

Application data

Assessment and evaluation for the advertised position

Contract (Art. 6 para. 1b DS-GVO)

6 months or until termination of contract

2.4.2 Recipients of the personal data

Recipient category

Data affected

Legal basis of the transfer

Legitimate interest, if any

Applicant Management & Data Storage Provider

all data mentioned under 2.4.1 (if not contradicted in parts)

Order processing (Art. 28 DS-GVO)

PIA Group of companies

all data mentioned under 2.4.1 (if not contradicted in parts)

Joint Controller (Art. 26 DS-GVO)

2.4.3 Transfer of personal data to third countries

Recipient

Functionality

Data categories

If applicable, adequacy decision (Art. 45 DS-GVO)

Where applicable, appropriate safeguards, (Art. 46 DS-GVO)

none

2.5 2.5 Customer service

How we process your personal data when you contact our customer service department can be found here:

 

2.5.1 Processing information

Data category

Purpose

Legal basis

Legitimate interest, if applicable

Storage time

Personal master data, contact data, contents of inquiries/complaints

Handling customer inquiries and user complaints

Contract (Art. 6 para. 1b DS-GVO), protection of legitimate interests (Art. 6 para. 1f DS-GVO)

Customer loyalty, improvement of our service

Processing the request

2.5.2 Recipients of the personal data

Recipient category

Data affected

Legal basis of the transfer

Legitimate interest, if any

Customer management

all data mentioned under 2.5.1 (if not contradicted in parts)

Order processing (Art. 28 DS-GVO)

Associated companies

all data mentioned under 2.5.1 (if not contradicted in parts)

Order processing (Art. 28 DS-GVO)

2.5.3 Transfer of personal data to third countries

Recipient

Functionality

Data categories

If applicable, adequacy decision (Art. 45 DS-GVO)

Where applicable, appropriate safeguards, (Art. 46 DS-GVO)

none

2.6 Social Media

How we process your personal data when you follow us on social media can be found here:

2.6.1 Processing Information

 

Data categories

Purpose

Legal basis

Legitimate interest, if any

Storage time

Online Identifier

External presentation, advertising approach

Safeguarding legitimate interests (Art. 6 para. 1f DS-GVO)

New customer acquisition, existing customer care and employee recruitment and retention

analogous to the contract term

2.6.2 Recipients of the personal data

Recipient category

Data affected

Legal basis of the transfer

Legitimate interest, if any

Social media platform operator

all data mentioned under 2.6.1

Safeguarding legitimate interests (Art. 6 para. 1f DS-GVO)

New customer acquisition, existing customer care and employee recruitment and retention

2.6.3 Transfer of personal data to third countries

Recipient

Functionality

Data categories

If applicable, adequacy decision (Art. 45 DS-GVO)

Where applicable, appropriate safeguards, (Art. 46 DS-GVO)

Xing, LinkedIn, Twitter, Facebook, Instagram, Kununu

External presentation, advertising approach

Online Identifier

EU standard contract or joint controller with additional guarantees

 

3. Rights of data subjects

3.1 Right to object

You have the right, for reasons that arise from your particular situation, at any time with effect for the future against the processing of personal data relating to you, which is carried out in accordance with Art. 6 Paragraph 1 Letter e) or f) GDPR, to lodge an objection. You can exercise your right of objection free of charge

 

 

 

3.2 Right to information

You have the right to find out whether we are processing personal data concerning you, what personal data this may be, and further information in accordance with Art. 15 GDPR.

 

3.3 Right to rectification

You have the right to request us to correct any incorrect personal data relating to you without delay (Art. 16 GDPR). Taking into account the purposes of the processing, you have the right to request the completion of incomplete personal data – including by means of a supplementary declaration 

3.4 Right to deletion („right to be forgotten“)

You have the right to demand that we delete personal data concerning you immediately if one of the reasons stated in Art. 17 Para. 1 GDPR applies and the processing is not for one of the reasons in Art. 17 Para. 3 DS -GVO regulated purposes is required. 

3.5 Right to restriction of processing

You are entitled to request a restriction in the processing of your personal data if one of the conditions set out in Art. 18 Para. 1 Letters a) to d) of the GDPR is met.

3.6 Right to data portability

You have the right to receive the personal data concerning you that you have provided to us in a structured, common and machine-readable format. You also have the right to transmit this data to another person responsible without hindrance from us or to have us transmit it directly, provided that this is technically possible. This should always apply if the basis for data processing is consent or a contract and the data is processed automatically. This does not apply to data that is only kept in paper form.3.7 Right of withdrawal with consentIf the processing is based on your consent, you have the right to withdraw your consent at any time. This does not affect the legality of the processing carried out on the basis of the consent up to the point of revocation. 

3.8 Right to complain
You have the right to lodge a complaint with a supervisory authority.

 

Status: 05.10.2021
Version: 2.8

 

GET IN TOUCH!

für eine neue Ära der Marketingkommunikation.