Skip to content
Homepage Privacy Policy

Privacy Policy

Privacy Policy

This privacy policy clarifies the type, scope and purpose of the processing of personal data (hereinafter referred to as “data”) within our online offering and the associated websites, functions and content as well as external online presences, such as our social media profiles (hereinafter collectively referred to as “online offering”). With regard to the terminology used, such as “processing” or “responsible person”, we refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR).

Data Controller

Local Staff International (LSI)

Types of Processed Data:

  • Inventory data (e.g., names, addresses).
  • Contact data (e.g., email, phone numbers).
  • Content data (e.g., text inputs, photographs, videos).
  • Usage data (e.g., visited websites, interest in content, access times).
  • Meta/communication data (e.g., device information, IP addresses).

Purpose of Processing

  • Provision of the online offering, its functions and contents.
  • Answering contact requests and communicating with users.
  • Security measures.
  • Reach measurement/marketing.

Terminology Used

Personal data is any information that relates to an identified or identifiable natural person (hereinafter referred to as the “data subject”). An identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g. cookie) or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Processing is any operation or set of operations which is performed on personal data, whether or not by automated means. The term is broad and encompasses virtually any handling of data.

Controllermeans the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

Legal Basis for Processing

In accordance with Article 13 of the GDPR, we are informing you of the legal basis for our data processing activities. If the legal basis is not mentioned in the privacy policy, the following applies: The legal basis for obtaining consent is Article 6(1)(a) and Article 7 GDPR, the legal basis for processing for the performance of our services and the execution of contractual measures, as well as for answering inquiries, is Article 6(1)(b) GDPR, the legal basis for processing for the fulfillment of our legal obligations is Article 6(1)(c) GDPR and the legal basis for processing for the protection of our legitimate interests is Article 6(1)(f) GDPR. In the event that vital interests of the data subject or another natural person require the processing of personal data, Article 6(1)(d) GDPR serves as the legal basis.

Security Measures

We ask you to inform yourself regularly about the content of our privacy policy. We will adapt the privacy policy as soon as changes to the data processing we carry out make this necessary. We will inform you as soon as the changes require your cooperation (e.g. consent) or other individual notification.

Cooperation with Processors and Third Parties

If we disclose data to other persons and companies (processors or third parties) as part of our processing, transmit it to them or otherwise grant them access to the data, this will only take place on the basis of a legal permission (e.g. if a transmission of the data to third parties, such as to payment service providers, is necessary for the fulfilment of the contract in accordance with Art. 6 (1) (b) GDPR), you have consented, a legal obligation requires this or on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.).

If we commission third parties to process data on the basis of a so-called “order processing contract”, this is done on the basis of Art. 28GDPR.

Transfers to Third Countries

If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if this occurs in the context of using third-party services or disclosing or transferring data to third parties, this will only take place if it is necessary to fulfil our (pre)contractual obligations, on the basis of your consent, due to a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we will only process or have the data processed in a third country if the special requirements of Art. 44 ff. GDPR are met. This means that the processing takes place, for example, on the basis of special guarantees, such as the officially recognised determination of a data protection level corresponding to the EU (e.g. for the USA through the “Privacy Shield”) or compliance with officially recognised special contractual obligations (so-called “standard contractual clauses”).

Rights of Data Subjects

You have the right to request confirmation as to whether or not personal data concerning you is being processed and to request information about this data and further information and a copy of the data in accordance with Art. 15 GDPR.

You have the right to request the completion or correction of inaccurate data concerning you in accordance with Art. 16 GDPR.

You have the right to request the erasure of your personal data without undue delay, or alternatively to request the restriction of the processing of your personal data in accordance with Art. 17 and Art. 18 GDPR.

You have the right to receive the personal data concerning you that you have provided to us in accordance with Art. 20 GDPR and to request that it be transmitted to other controllers.

You also have the right to lodge a complaint with the competent supervisory authority in accordance with Art. 77 GDPR.

Right of withdrawal

You have the right to withdraw your consent in accordance with Art. 7 (3) GDPR with effect for the future.

Right to object

You have the right to object to the processing of your personal data at any time, in accordance with Art. 21 GDPR. You can object to the processing of your personal data for direct marketing purposes in particular.

Cookies and the right to object to direct advertising

Cookies are small files that are stored on users’ computers. Various information can be stored within cookies. A cookie is primarily used to store information about a user (or the device on which the cookie is stored) during or even after their visit to an online offering. 

Cookies that are deleted after a user leaves an online offering and closes their browser are called temporary cookies, session cookies, or transient cookies. For example, the contents of a shopping cart in an online shop or a login status can be stored in such a cookie.

Cookies that remain stored even after the browser is closed are called permanent or persistent cookies. For example, the login status can be saved if users visit it after several days. The interests of users, which are used for range measurement or marketing purposes, can also be stored in such a cookie.

Cookies offered by providers other than the person responsible for operating the online offering are referred to as third-party cookies (otherwise, if they are only its cookies, they are called first-party cookies).

We may use temporary and permanent cookies and explain this in our privacy policy.

If users do not want cookies to be stored on their computer, they are asked to deactivate the corresponding option in the system settings of their browser. Stored cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional restrictions of this online offer.

A general objection to the use of cookies used for online marketing purposes can be declared for a variety of services, especially in the case of tracking, via the US website http://www.aboutads.info/choices/ or the EU website http://www.youronlinechoices.com/. Furthermore, the storage of cookies can be achieved by deactivating them in the browser settings. Please note that in this case not all functions of this online offer can be used.

Data Deletion

The data processed by us will be deleted or restricted in its processing in accordance with Articles 17 and 18 GDPR. Unless expressly stated in this privacy policy, the data stored by us will be deleted as soon as it is no longer necessary for its intended purpose and there are no legal obligations to prevent deletion. If the data is not deleted because it is required for other and legally permissible purposes, its processing will be restricted. This means that the data will be blocked and not processed for other purposes. This applies, for example, to data that must be stored for commercial or tax reasons.

According to legal requirements in Germany, storage is carried out in particular for 6 years according to Art. 257 (1) HGB (commercial books, inventories, opening balance sheets, annual financial statements, commercial letters, accounting documents, etc.) and for 10 years according to Art. 147 (1) AO (books, records, management reports, accounting documents, commercial and business letters, documents relevant for taxation, etc.).

According to legal requirements in Austria, storage is carried out in particular for 7 years according to Art.132 (1) BAO (accounting records, vouchers/invoices, accounts, vouchers, business papers, list of income and expenses, etc.), for 22 years in connection with real estate and for 10 years for documents in connection with electronicallysupplied services, telecommunications, broadcasting and television services provided to non-entrepreneurs in EU member states for which the Mini-One-Stop-Shop (MOSS) is used.

Hosting

The hosting services we use provide the following services: Infrastructure and platform services, Computing capacity, Storage space and database services, Security services, technical maintenance services. We use these services to operate this online offer.

Hereby, we or our hosting provider process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties and visitors of this online offer on the basis of our legitimate interests in an efficient and secure provision of this online offer in accordance with Art. 6 Para. 1 lit. f GDPR in conjunction with Art. 28 GDPR (conclusion of an order processing contract).

Collection of access data and log files

We or our hosting provider collect data on every access to the server on which this service is located (so-called server log files) on the basis of our legitimate interests within the meaning of Art. 6 Para. 1 lit. f. GDPR. The access data includes the name of the website accessed, file, date and time of access, transferred data volume, message about successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting provider.

Log file information is stored for a maximum of 7 days for security reasons (e.g. to investigate misuse or fraud) and then deleted. Data that needs to be stored for a longer period of time for evidence purposes is exempt from deletion until the respective incident has been finally clarified.

Administration, financial accounting, office organisation, contact management

We process data in the context of administrative tasks as well as the organisation of our operations, financial accounting and compliance with legal obligations, such as archiving. In this context, we process the same data that we process in the context of providing our contractual services. The processing bases are Art. 6 Para. 1 lit. c. GDPR, Art. 6 Para. 1 lit. f. GDPR. Customers, interested parties, business partners and website visitors are affected by the processing. The purpose and our interest in the processing lies in the administration, financial accounting, office organization, archiving of data, i.e. tasks that serve to maintain our business activities, perform our tasks and provide our services. The deletion of data with regard to contractual services and contractual communication corresponds to the information specified in these processing activities.

We disclose or transmit data to the tax authorities, consultants, such as tax consultants or auditors, as well as other fee offices and payment service providers.

We also store information about suppliers, organisers and other business partners on the basis of our legitimate business interests, e.g. for the purpose of later contacting them. We generally store this data, which is mainly company-related, permanently.

Contacting

When you contact us (e.g. via contact form, email, phone or social media), the user’s data will be processed in order to handle the contact request and its processing in accordance with Art. 6 (1) (b) GDPR. The user’s data can be stored in a customer relationship management system (“CRM system”) or a comparable request organisation.

We will delete the requests if they are no longer necessary. We review the necessity every two years; furthermore, the legal archiving obligations apply.

Comments and Posts

If users leave comments or other posts, their IP addresses will be stored for 7 days on the basis of our legitimate interests within the meaning of Art. 6 (1) (f) GDPR. This is done for our security, in case someone leaves illegal content in comments and posts (insults, prohibited political propaganda, etc.). In this case, we ourselves can be prosecuted for the comment or post and are therefore interested in the identity of the author.

Comment Subscriptions

Subsequent comments can be subscribed to by users with their consent in accordance with Art. 6 (1) (a) GDPR. Users will receive a confirmation email to verify that they are the owner of the email address entered. Users can unsubscribe from ongoing comment subscriptions at any time. The confirmation email will containinformation on how to unsubscribe. For the purposes of proving the consent of the users, we store the time of registration and the IP address of the users and delete this information when users unsubscribe from the subscription.

You can cancel your subscription to our newsletter at any time, i.e. revoke your consent. We can store the unsubscribed email addresses for up to three years on the basis of our legitimate interests before we delete them, in order to be able to prove a previously given consent.The processing of this data is limited to the purpose of a possible defence against claims. An individual deletion request is possible at any time, provided that the former existence of a consent is confirmed at the same time.

Newsletter

With the following information, we inform you about the contents of our newsletter as well as the registration, dispatch and statistical evaluation procedure and your rights of objection. By subscribing to our newsletter, you declare your agreement with the receipt and the described procedures.

Content of the newsletter: We send newsletters, e-mails and other electronic notifications with advertising information (hereinafter “newsletter”) only with the consent of the recipients or a legal permission. If the contents of the newsletter are specifically described in the context of a registration, they are decisive for the consent of the users. In addition, our newsletters contain information about our services and us.

Double-Opt-In and Logging: The registration for our newsletter takes place in a so-called double-opt-in procedure. This means that after registration you will receive an e-mail asking you to confirm your registration. This confirmation is necessary to prevent anyone from registering with someone else’s e-mail address. The registrations for the newsletter are logged in order to be able to prove the registration process according to the legal requirements. This includes the storage of the time of registration and confirmation, as well as the IP address. The changes of your data stored with the shipping service provider are also logged.

Registration data: To register for the newsletter, simply enter your email address. Optionally, we ask you to provide a name for personal address in the newsletter.

Germany: The dispatch of the newsletter and the associated performance measurement are based on the consent of the recipients in accordance with Art. 6 (1) (a), Art. 7 GDPR in conjunction with Section 7 (2) No. 3 UWG or on the basis of the legal permission in accordance with Section 7 (3) UWG.

The logging of the registration process is based on our legitimate interests in accordance with Art. 6 (1) (f) GDPR. Our interest is directed towards the use of a user-friendly and secure newsletter system that serves both our business interests and the expectations of the users and also allows us to prove consent.

Cancellation/Revocation – You can cancel your subscription to our newsletter at any time, i.e. revoke your consent. You will find a link to cancel the newsletter at the end of each newsletter. We may store the unsubscribed email addresses for up to three years on the basis of our legitimate interests before deleting them, in order to be able to prove a previously given consent. The processing of this data is limited to the purpose of a possible defence against claims. An individual request for deletion is possible at any time, provided that the former existence of a consent is confirmed at the same time.

Jetpack (WordPress Stats)

We use the Jetpack plugin (specifically the “WordPress Stats” sub function) on the basis of our legitimate interests (i.e., our interest in the analysis, optimisation, and economic operation of our online offering in accordance with Art. 6 (1) (f) of the GDPR). Jetpack is a tool for the statistical evaluation of visitor traffic and is provided by Automattic Inc., 60 29th Street #343, San Francisco, CA 94110, USA. Jetpack uses “cookies,” which are text files that are stored on your computer and allow for an analysis of your website usage.

Automattic is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000CbqcAAC).

The information generated by the cookie about your use of this website is stored on a server in the USA. The processed data can be used to create user profiles, but these are only used for analysis and not for advertising purposes. For more information, please see Automattic’s privacy policy (https://automattic.com/privacy/) and information on Jetpack cookies (https://jetpack.com/support/cookies/).

Social Media Presence

We maintain online presences on social networks and platforms to communicate with customers, prospects, and users active there and to inform them about our services. When accessing the respective networks and platforms, the terms and conditions and the data processing guidelines of their respective operators apply.

Unless otherwise stated in our privacy policy, we process user data if they communicate with us within social networks and platforms, e.g., by writing posts on our online presences or sending us messages.

Erstellt mit Datenschutz-Generator.de von RA Dr. Thomas Schwenke