1. Standard guidelines (Art. 13 GDPR)
All personal data that are collected when you visit our website are processed by us in accordance with the statutory provisions on data protection and with the need to preserve information security.
The controller for data processing in relation to the use of this website within the meaning of Art. 4(7) GDPR is:
Data protection officer
For information, questions, suggestions and complaints about data protection, please contact our data protection officer.
The company data protection officer of Chrono24 can be contacted at the above address, FAO Data Protection Department, or at firstname.lastname@example.org.
2. Your rights
You may obtain information at any time regarding the data stored about you by us using the contact details above.
You also have the right to rectification of incorrect personal data or, if the legal conditions are met, to demand rectification, restriction or erasure of your data.
You can object to the use of your personal data for purposes of direct marketing, market research or for the appropriate design of telemedia at any time in no specific format.
You can withdraw the consent you give on this page by using the contact details for the data protection officer provided above in no specific format or via the withdrawal links on this website. This does not affect the lawfulness of the processing carried out on the basis of your consent up to the point of withdrawal.
On request, we will transfer to you the data you have provided to us for processing in a structured, standard and machine-readable format that you can use for further processing. Please send your request in this connection to the contact address given above.
You have the right to contact our data protection officer at any time with complaints about data protection using the contact details above. You can also lodge a complaint with the relevant data protection supervisory authority: https://www.baden-wuerttemberg.datenschutz.de/
3. Security of transmission
By default this website transmits personal data using the so-called TLS security system (Transport Layer Security) in conjunction with at least 128 bit encryption to protect data from accidental or intentional manipulation, loss, destruction or access by unauthorised persons. The security measures are continually being adapted to keep pace with technological developments.
4. Collection of user data when visiting this website
When you use our website, a range of information is recorded about you as a user, which can be related to a specific user at least in theory via the IP address, the specific user settings or other identification options. Those data are used for technical purposes relating to the presentation of the site and for optimisation of the site by means of the statistical recording of user behaviour; however, they may also be used to display information or inputs already entered to the user following an interruption. Below we describe the user data collected on this site and the other services used on it.
The option to object to services from third-party providers is given in the description of the service in question (see below).
Transfer of browser data and settings
If you use the website purely for information purposes, i.e. you do not register or pass on any other information to us, we collect only the personal data that your browser transfers to our server to display our website to you and ensure its stability and security. The legal basis for processing is Art. 6(1) section (f) GDPR (legitimate interest):
- IP address of the requesting computer
- Date and time of access
- Content of the request (specific page)
- Access status / https or http status code
- Data volume transferred
- Website from which access was made (referrer URL)
- User browser
- Operating system
- Language and version of the browser software
- Cookies / flash cookies
- Session ID
- User agent
- Name of the access provider
- Other technical parameters, e.g.
- Number and type of plug-ins installed
- Size of the browser window
- Resolution of the screen
- Languages supported
- Fonts installed
This information is stored temporarily in a so-called logfile. It is collected without your active participation and erased automatically after 30 days.
Objection to tracking
This website respects the “do not track” function. By means of the link below, you can adjust your browser settings accordingly. We cannot provide any guarantee that our third-party providers respect and implement the “do not track” option. If you enable the option, we cannot track your visits:
5. Our services (interactions)
When you use the following services offered on our website, the personal data you provide in this context are stored and processed for the specified purposes – e.g. for registration, surveys or to execute a contract.
If you wish to apply for a vacancy advertised on our website using the form provided under this https://about.chrono24.com/application-form/, you are asked to provide a range of information. The data provided by you are transferred via a secure TLS connection.
Data that are mandatory for acceptance of your application are marked with an asterisk.
Your electronic application data are received by the HR department and made available only to the department responsible for the vacancy in question. Everyone involved in the application process will treat your application documents in confidence. The documents are erased at the latest six months from the end of the application process.
The HR departments of our branches in New York and Hong Kong also have access to your application information. This occurs only in compliance with the measures for ensuring an appropriate level of data protection in Art. 44 et seq. GDPR. Agreements on joint responsibility – so-called Joint Controllership Agreements – have been concluded with these branches. If the country of the receiving branch does not have an adequacy decision from the EU Commission and the recipient is not covered by the Privacy Shield agreement, the standard contractual clauses are used for the transmission of personal data to third-party countries pursuant to Directive 95/46/EC of the European Parliament and Council (accessible at https://eur-lex.europa.eu/legal-content/DE/TXT/?qid=1487056769872&uri=CELEX:32004D0915).
The legal basis for processing is Art. 6(1) Section (b) GDPR.
Provided that you give your consent, your application will be kept for a period of no longer than one year in our applicant pool. This allows us to consider you in any appropriate application process at a later date.
When new vacancies come about, a search of the applicant pool for suitable candidates is carried out automatically. This may result in our contacting you about your potential interest in a post with us that we consider suitable for you.
The legal basis for data processing, storage and contact relating to the applicant pool is Art. 6(1) Section (a) GDPR.
You can withdraw your consent to inclusion in the applicant pool at any time. In this case, your application will immediately be erased from the applicant pool and will no longer be available to us. Ideally you should send an email to withdraw your consent to email@example.com.
6. External services
We use so-called web fonts from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”) to display fonts.
Google is certified under the “Privacy Shield” (https://www.privacyshield.gov/), which is intended to guarantee compliance with the level of data protection applicable in the EU.
When you access a page, your browser loads the web fonts required so that it can display text and fonts correctly. For this purpose, your browser makes a connection to Google, as a result of which Google is informed that our website has been accessed via your IP address.
Google Fonts are used in the interest of a consistent and appealing presentation of our website. If your browser does not support Google Fonts or web fonts, a standard font will be used by your end device.
The legal basis for the processing of personal data when using Google Fonts is Art. 6(1) Section (f) GDPR (legitimate interest).
7. Analysis services
We use various tracking services for purposes of the appropriate design of the website, measurement of reach, analysis of general user behaviour on the website and optimisation of our commercial operations.
We create user profiles for purposes of marketing, market research and the appropriate design of our telemedia. In accordance with the German Telemedia Act (TMG), these are created and managed exclusively using a pseudonym, provided that you have not objected to this procedure as a user. The user profiles are never combined with data about the individual behind the pseudonym.
Function and types of cookies
Cookies are small text files that are stored on your computer by your browser. They contain various pieces of information, e.g. the duration of your website visit and user inputs. They may be provided both by us as the website provider (so-called first-party cookies) and, in the case of collaboration with third parties, by those third parties (so-called third-party cookies) and for various periods of storage (duration of use of the site, or for several weeks or years). You can restrict or prevent cookies from being saved and read, but you will then be unable to use all the functions of the website.
Our website uses so-called “session cookies”. They are used to store relevant data about the website visit or to recognise your computer during your visit and when you return (e.g. easier password input). These cookies ensure that you can use all the technical functions of the website. The legal basis for processing is Art. 6(1) Section (f) GDPR.
We use Google Analytics, a web analysis service of Google Ltd. (“Google”, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) for purposes of the appropriate design of the website, measurement of reach, analysis of general user behaviour on the website and the optimisation of our commercial operations. Google is certified under the Privacy Shield agreement and thereby guarantees compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
Google Analytics uses so-called “cookies” to facilitate analysis of your website use. The information stored by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. We have activated IP anonymisation on this website. As a result, if you are in a Member State of the European Union or another country that is a signatory to the Agreement on the European Economic Area, your IP address is truncated before it is used and passed on. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and truncated there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, compile reports about website activities and provide other services to the website operator associated with website and Internet use.
You will find further information about Google’s use of data, setting options and ways of objecting on Google’s web pages:
- https://policies.google.com/technologies/partner-sites (“How google uses information from sites or apps that use our services”)
- https://policies.google.com/technologies/ads (“Technologies and principles/Advertising”)
- https://adssettings.google.com/ (“Ad personalization”)
The IP address sent to Google by your browser in the context of Google Analytics is not combined with any other Google data. You can prevent the storage of cookies by adjusting the appropriate setting in your browser software; please note that you may not be able to use all the functions of this website to their full extent in this case.
In addition, you can prevent the collection of the data generated by the cookie relating to your use of the website (including your IP address) and processing of those data by Google by downloading and installing the browser plug-in provided under the following link http://tools.google.com/dlpage/gaoptout?hl=en.
The online advertising programme “Google AdWords” is also one of the Google marketing services we use. When Google AdWords is used, each AdWords customer (i.e. each site operator like us) is given a different “conversion cookie”. Those cookies cannot be tracked via the websites of AdWords customers. We are, therefore, unable to evaluate the conversion cookie ourselves. The information collected with the aid of the cookie is used to create so-called conversion statistics for our website. This is the term used for the evaluation of previously defined actions carried out by a user on the website. Google tells us the total number of users that have clicked on an ad and been forwarded to a page that has a conversion tracking tag. However, we do not obtain any information with which users can be identified in person. We also use Google Analytics to evaluate data from AdWords and the double click cookie for statistical purposes. If you do not want the use of AdWords to be evaluated, you can disable this via the Google ad settings manager (https://adssettings.google.com/authenticated?hl=en).
8. Social Media
Facebook, Twitter, Instagram, Pinterest, YouTube
On the basis of Art. 6(1) Sentence 1 Section (f) GDPR, we use links to the social networks Facebook, Twitter, Instagram and YouTube on our website to raise the profile of our company.
These are not links that do not require consent pursuant to Art. 6(1) Section (a) GPDR. Responsibility for ensuring operations in accordance with data protection lies with the respective provider. Social media buttons are integrated using a solution that prevents connection to a social network as soon as a page with a social media button is opened without clicking on that button. This means that no information is transmitted to the social network until you click on the button.
On our website you have the option to be taken directly to our Facebook page. This is not a link that does not require consent pursuant to Art. 6(1) Section (a) GPDR.
Twitter International Company (Twitter) offers a so-called microblogging service on which short messages can be distributed by registered users. The individual messages are referred to as “tweets”.
On our website you have the option to be taken directly to our Twitter page. This is not a link that does not require consent pursuant to Art. 6(1) Section (a) GPDR.
On our website you have the option to be taken directly to our Instagram page. This is not a link that does not require consent pursuant to Art. 6(1) Section (a) GPDR.
The controller responsible for this external link is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.
On our website you have the option to be taken directly to our Pinterest page. This is not a link that does not require consent pursuant to Art. 6(1) Section (a) GPDR.
The controller responsible for this external link is Pinterest Europe Ltd. Palmerston House, 2nd Floor Fenian Street, Dublin 2, Ireland.
On our website you have the option to be taken directly to our YouTube page. This is not a link that does not require consent pursuant to Art. 6(1) Section (a) GPDR.
The controller responsible for this external link is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
9. Transfers to third countries
In the course of your use of the website, it may be necessary to forward your personal data to third countries. This occurs only in compliance with the measures for ensuring an appropriate level of data protection in Art. 44 et seq. GDPR. If the country of the recipient does not have an adequacy decision from the Commission and the recipient is not covered by the Privacy Shield agreement, standard contractual clauses are used. You can obtain further information about this from the data protection officer using the contact details above.