Data protection

We warmly welcome you to QuadHub. The protection of your data is particularly important to us. We would therefore like to give you an overview of the type, scope and purpose of the processing of personal data in our online offering.

A) Definitions

Below we explain some important terms on the subject of data protection. For further definitions, we refer to Article 4 of the General Data Protection Regulation (GDPR).

Responsible body...
... means the natural or legal person, public authority, institution or other body that decides, independently or jointly with others, on the purposes and means of processing personal data.

Personal data...
... includes all information relating to an identified or identifiable natural person. A person is considered identifiable if he or she can be identified, directly or indirectly, by means of an identifier such as name, identification number, location data, online identifier or specific characteristics that express his or her physical, physiological, genetic, psychological, economic, cultural or social identity .

Processing...
... includes all operations relating to personal data, including the collection, collection, organization, storage, adaptation, modification, use, disclosure by transmission, dissemination, provision, comparison, association, restriction, deletion or destruction, regardless of whether whether they are automated or not.

B) Responsible body

Miriam Feistmann
Karl-Arnold-Strasse 245
52511 Geilenkirchen
Fax: +49 (0) 2451 9434451
Email: [email protected]

C) Data protection officer

Miriam Feistmann
Email: [email protected]

D) General information on data processing

What types of data are collected?
Inventory data such as name and place of residence (if appropriate)
Contact details such as telephone numbers and email addresses (if provided)
Content data such as text entries in the chat, forum, etc. (if appropriate)
Usage data such as access times (when using our offer)
Meta/communication data (when using our offer)
Photos uploaded by you
Your ID number (if you provide it to us, e.g. for age verification)
Your mobile phone number (e.g. for using the mobile phone TAN procedure, mobile payment, comparison for multiple uses or verification during registration)

For what purposes is the data processing carried out?
Provision of our online offering, its functions and content
Answering contact inquiries and communication
Safety measures
Reach measurement and advertising
Billing purposes
Carrying out application procedures
Scientific evaluation
Supporting law enforcement and security

Legal basis for data processing
In accordance with Article 13 of the GDPR, we inform you about the legal basis for our data processing. The legal basis for processing operations for which we obtain your consent for a specific purpose is in accordance with Article 6 paragraph 1 letter a of the GDPR.

The processing of personal data is necessary for the performance of a contract to which the data subject is a party, such as processing operations for the supply of goods or the provision of a service or consideration. In such cases, processing is based on Article 6(1)(b) of the General Data Protection Regulation (GDPR).

The same applies to processing operations that are necessary to carry out pre-contractual measures, for example when making inquiries about our services.

If our company is subject to a legal obligation that requires the processing of personal data, for example to fulfill tax obligations, the processing is based on Article 6 paragraph 1 letter c of the GDPR.

Processing operations can also be based on Article 6 paragraph 1 letter f of the GDPR. On this basis, processing operations that are not covered by the aforementioned legal bases are carried out if the processing is necessary to safeguard a legitimate interest of our company or a third party, provided that the interests, fundamental rights and freedoms of the data subject do not prevail. Such processing operations are permitted in particular because the European legislator has specifically mentioned them. He is of the opinion that there could be a legitimate interest if the data subject is a customer of the controller (see recital 47 sentence 2 of the GDPR).

If the processing of personal data is based on Article 6 paragraph 1 letter f of the GDPR, our legitimate interest is to carry out our business activities for the benefit of the well-being of all our employees and shareholders.

4) Order processing and transfer to third parties
If, as part of our processing, we pass on data to other people or companies (processors or third parties), transfer them or otherwise grant them access to the data, this will only be done on the basis of legal permission (e.g. if the transfer of data to third parties, such as payment service providers, is necessary for the fulfillment of the contract in accordance with Article 6 paragraph 1 letter b of the GDPR), you have given your consent, a legal obligation requires this or due to our legitimate interests (e.g. when using agents, web hosts, etc.).

If we commission third parties to process data in accordance with a so-called “order processing agreement”, this is done in accordance with Article 28 of the GDPR.

5) Transfers to third countries
If we transfer data to a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or process this in the context of using third-party services or disclosing or transmitting data to third parties, this will only be done: if it happens to fulfill our (pre-)contractual obligations, based on your consent, based on a legal obligation or based on our legitimate interests. Subject to legal or contractual permissions, we only process or have the data processed in a third country under the special conditions of Article 44 ff. of the GDPR. This means that the processing is based, for example, on special guarantees, such as the officially recognized determination of a level of data protection that corresponds to that of the EU (e.g. for the USA through the "Privacy Shield") or compliance with officially recognized special contractual obligations (so-called "Standard Contractual Clauses").

6) Duration of data storage
The data we process will be deleted or its processing restricted in accordance with Articles 17 and 18 of the GDPR. Unless expressly stated otherwise in this data protection declaration, the data stored by us will be deleted as soon as they are no longer required for their purpose and the deletion does not conflict with any legal retention obligations.

In accordance with the legal requirements in Germany, storage takes place in particular for 6 years in accordance with Section 257 Paragraph 1 of the Commercial Code (commercial books, inventories, opening balance sheets, annual financial statements, commercial letters, accounting documents, etc.) and for 10 years in accordance with Section 147 Paragraph 1 of the Tax Code (books, records , management reports, accounting documents, commercial and business letters, documents relevant to taxation, etc.).

7) Rights of data subjects
As a data subject, you have a number of rights in accordance with Articles 15 ff. of the GDPR. These include in particular:

The right to request confirmation as to whether personal data is being processed and access to that data as well as further information and a copy of the data (Article 15 of the GDPR).
The right to request the completion of data concerning you or the correction of inaccurate data concerning you (Article 16 of the GDPR).

The right to request that the data concerning you be deleted immediately or, alternatively, to request that the processing of the data be restricted (Articles 17 and 18 of the GDPR).
The right to receive the data relating to you that you have provided to us in a structured, commonly used and machine-readable format and the right to pass this data on to another person

The right to object at any time to the processing of personal data concerned pursuant to Article 6(1)(e) or (f) (Article 21 of the General Data Protection Regulation, GDPR).

The right, where the processing is based on Article 6(1)(a) or Article 9(2)(a), to withdraw consent to the processing of personal data at any time, without affecting the lawfulness of the processing based on the consent before its withdrawal.

The right to lodge a complaint with the relevant supervisory authority (Article 77 GDPR).

Is the provision of personal data required by law or contract or necessary for the conclusion of a contract? Am I obliged to provide personal data and what possible consequences would there be if I did not provide it?

If you enter data on our website yourself (such as contact details, etc.), there is no legal obligation to do so. However, providing such data may be necessary to use our website. Failure to provide the relevant data would mean that we would not be able to offer the (full) service of our site.

When you visit our website, so-called “cookies” are created (see below), which we use for reach measurement and marketing purposes. You can deactivate cookies in your browser. However, this may result in functional restrictions on our online offering. However, you can still use our website. Further data is collected when you visit the site, as stated in Sections G) and H). There is also no legal obligation to pass on this data. Here too, the usability of the site may be restricted if these are not transmitted.
We will not make a decision based solely on automated processing - including profiling - that has legal effect on you or similarly significantly affects you.

Applications and application process

You can apply via our QuadHub job vacancies page. We collect and process the personal data of applicants for the purpose of processing the application process. Processing can also take place electronically. This is particularly the case if an applicant sends us relevant application documents electronically, for example by email. If we conclude an employment contract with an applicant, the data transmitted will be stored for the purpose of processing the employment relationship in compliance with legal regulations. If we do not conclude an employment contract with the applicant, the application documents will be automatically deleted two months after the rejection decision has been announced, provided that deletion does not conflict with any other legitimate interests on our part. Another legitimate interest in this sense is, for example, a burden of proof in proceedings under the General Equal Treatment Act (AGG).

Cookies

“Cookies” are small files that are stored on users’ computers. Different information can be stored within the cookies. A cookie is primarily used to store information about a user (or the device on which the cookie is stored) during or after their visit to an online offering. Temporary cookies, or “session cookies” or “transient cookies,” are cookies that are deleted after a user leaves an online offering and closes their browser. In such a cookie, for example: For example, the contents of a shopping cart in an online shop or a login status can be saved. Cookies that remain stored even after the browser is closed are referred to as “permanent” or “persistent”. So can e.g. For example, the login status can be saved when users visit this website again after several days. The interests of users can also be stored in such a cookie, which is used for range measurement or marketing purposes. “Third-party cookies” are cookies that are offered by providers other than the person responsible for operating the online offering (otherwise, if they are only their cookies, they are referred to as “first-party cookies”).

We can use temporary and permanent cookies and explain this in our data protection declaration.

If you do not want cookies to be stored on your computer, you will be asked to deactivate the corresponding option in the system settings of your browser. However, this may result in functional restrictions for this online offering. Saved cookies can be deleted in the browser's system settings. The exclusion of cookies can lead to functional restrictions of this online offer.

A general objection to the use of cookies used for online marketing purposes can be declared for a large number of services. Furthermore, the storage of cookies can be achieved by switching them off in the browser settings. Please note that not all functions of this online offer may then be able to be used.

Hosting

The hosting services we use serve to provide the following services: infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services, which we use for the purpose of operating this online offering.
We, or our hosting provider, process inventory data, contact data, content data, contract data, usage data as well as meta and communication data from customers, interested parties and visitors to this online offering. This is done on the basis of our legitimate interests in the efficient and secure provision of this online offering in accordance with Article 6 paragraph 1 letter f of the General Data Protection Regulation (GDPR) in conjunction with Article 28 GDPR (conclusion of the order processing contract).

Access data and log files

We, or our hosting provider, collect data about every access to the server on which this service is located (so-called server log files) based on our legitimate interests in accordance with Article 6 paragraph 1 letter f GDPR. The access data includes the name of the website accessed, the file accessed, the date and time of access, the amount of data transferred, the notification of successful access, the browser type and version, the user's operating system, the referrer URL (the previously visited page), the IP address and the requesting provider.

The information from the log files is temporarily stored for security reasons, for example to investigate acts of abuse or fraud, and then deleted. Data whose further storage is necessary for evidentiary purposes will be excluded from deletion until the respective incident has been finally clarified.

Analysis tools

The tracking measures listed below are carried out on the basis of Article 6 paragraph 1 sentence 1 letter f GDPR. With the tracking measures we use, we want to ensure a needs-based design and ongoing optimization of our website. On the other hand, we use tracking measures to statistically record and analyze the use of our website in order to optimize our offer for you. These interests are to be viewed as legitimate in accordance with the aforementioned provision.

1) Google Analytics

For the purpose of needs-based design and ongoing optimization of our pages, we use Google Analytics, a web analysis service from Google Inc. (1600 Amphitheater Parkway, Mountain View, CA 94043, USA; "Google"). Pseudonymized usage profiles are created and cookies are used. The information generated by the cookie about your use of this website (including your IP address) is transmitted to a Google server in the USA and stored there. The IP addresses are anonymized so that assignment is not possible (IP masking).

You can prevent the installation of cookies by setting your browser software accordingly; However, we would like to point out that in this case not all functions of this website may be able to be used to their full extent. You can also prevent the collection of the data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing the browser plug-in available at the following link: https ://tools.google.com/dlpage/gaoptout?hl=de.

As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent data collection by Google Analytics by clicking on this link: Deactivate Google Analytics. An opt-out cookie will be set to prevent future collection of your data when you visit this website. Please note that the opt-out cookie only works in this browser and only for this website and is stored on your device. If you delete the cookies in this browser, you will have to set the opt-out cookie again.

For more information about data protection in connection with Google Analytics, see the Google Analytics Help Center.

2) Google Adwords Conversion Tracking

In order to statistically record and optimize the use of our website, we also use Google conversion tracking. Google Adwords sets a cookie on your computer when you reach our website via a Google ad. These cookies expire after 30 days and are not used for personal identification. If the user visits certain pages on the Adwords customer's website and the cookie has not yet expired, Google and the customer can recognize that the user clicked on the ad and was redirected to this page.

Each AdWords customer receives an individual cookie, so cookies cannot be tracked across other AdWords customers' websites. The information collected via the conversion cookie is used to create conversion statistics for AdWords customers who have opted for conversion tracking. AdWords customers only receive the total number of users who clicked on their ad and visited a page with a conversion tracking tag. However, personally identifiable information about users is not made available to them.

If you do not want to take part in the tracking process, you can refuse to set the necessary cookies, for example by using a corresponding browser setting that generally deactivates the automatic setting of cookies. You can also deactivate the conversion tracking cookie by setting your browser to block cookies from the domain "www.googleadservices.com". You can find Google's privacy policy for conversion tracking here.

3) Google reCAPTCHA
On this website we also use the reCAPTCHA function from Google Ireland Limited to distinguish whether an entry is made by a natural person or by machine and automated means. The service includes the transmission of the IP address and, if necessary, other data required for the reCAPTCHA function to Google. This is done in accordance with Article 6 Paragraph 1 Letter f of the GDPR on the basis of our legitimate interest in determining individual personal responsibility on the Internet and avoiding misuse and spam. Personal data may be transmitted to Google LLC servers in the USA.

Google LLC has certified itself under the EU-US Privacy Shield for the transfer of personal data from the EU to the USA. For more information, click here.

J) Social media plug-ins
We use social media plug-ins from the social networks Facebook, Twitter and Instagram on our website to make our website better known. The associated advertising purpose represents a legitimate interest within the meaning of the GDPR. The responsibility for data protection-compliant operation lies with the respective provider.

1) Facebook social media plugins
We use social media plugins from Facebook on our website to make it more personal. We use the “LIKE” or “SHARE” button. These plugins are provided by Facebook.

When you access a page on our website that contains such a plugin, your browser establishes a direct connection to the Facebook servers. The contents of the plugin are transmitted directly to your browser by Facebook and integrated into the website.

By integrating the plugins, Facebook receives the information that your browser has accessed the corresponding page on our website, even if you do not have a Facebook account or are not currently logged in to Facebook. This information, including your IP address, is transmitted from your browser directly to a Facebook server in the USA and stored there. If you are logged in to Facebook, Facebook can assign your visit to our website to your Facebook account.

If you interact with the plugins, for example by clicking the “LIKE” or “SHARE” button, the corresponding information is also transmitted directly to a Facebook server and stored there. The information is also published on Facebook and displayed to your Facebook friends. Facebook can use this information for advertising, market research and the design of Facebook pages. Usage, interest and relationship profiles can be created in order to evaluate your use of our website with regard to the advertisements displayed on Facebook, to inform other Facebook users about your activities on our website and to provide other services related to the use of Facebook .

If you do not want Facebook to assign the data collected via our website to your Facebook account, you must log out of Facebook before visiting our website.

Information on the purpose and scope of data collection and the further processing and use of the data by Facebook as well as your related rights and setting options to protect your privacy can be found in Facebook's data protection information.

2) Facebook Connect
We offer you the opportunity to register for our service with Facebook Connect. This means that no additional registration is required. When you register, you will be redirected to the Facebook page, where you can log in with your usage data. Your Facebook profile will be linked to our service and we will automatically receive information from Facebook.

We use this data to establish and process the contractual relationship with you and to provide our services.

Further information about Facebook Connect and the privacy settings can be found in the data protection information and the terms of use of Facebook Inc.

Twitter
Plugins from the short message network of Twitter Inc. (Twitter) are integrated into our website. You can recognize the Twitter plugins (tweet button) by the Twitter logo on our site. You can find an overview of tweet buttons here.
If you access a page on our website that contains such a plugin, a direct connection will be established between your browser and the Twitter server. Twitter thereby receives the information that you have visited our site with your IP address. If you click the Twitter “Tweet button” while logged into your Twitter account, you can link the content of our pages to your Twitter profile. This allows Twitter to assign your visit to our pages to your user account.

We would like to point out that as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Twitter.

If you do not want Twitter to be able to assign your visit to our pages, please log out of your Twitter user account.

You can find further information about this in Twitter's privacy policy.

Instagram
Our website also uses so-called social plugins (“plugins”) from Instagram, which is operated by Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA (“Instagram”). The plugins are marked with an Instagram logo, for example in the form of an “Instagram camera”.
When you access a page on our website that contains such a plugin, your browser establishes a direct connection to Instagram's servers. The content of the plugin is transmitted directly to your browser by Instagram and integrated into the page. Through this integration, Instagram receives the information that your browser has accessed the corresponding page on our website, even if you do not have an Instagram profile or are not currently logged in to Instagram. This information (including your IP address) is transmitted from your browser directly to an Instagram server in the USA and stored there. If you are logged in to Instagram, Instagram can directly assign your visit to our website to your Instagram account. If you interact with the plugins, for example by clicking the “Instagram” button, this information is also transmitted directly to an Instagram server and stored there.

The information will also be published on your Instagram account and shown to your contacts there. If you do not want Instagram to directly assign the data collected via our website to your Instagram account, you must log out of Instagram before visiting our website.

You can find further information about this in Instagram’s privacy policy.

L) Google Cloud Vision
QuadHub also uses Google's Cloud Vision API. The tool is used to identify critical image content and makes it possible to identify and sort out violations of our photo rules before they are shown to our community. This means that photos you upload to QuadHub will be reviewed through this tool to determine whether the photo you uploaded may violate our Photo Rules. You can find more information about this service at https://cloud.google.com/vision/. Image verification, developed based on the Cloud Vision API, is necessary for uploading images to our service. If you do not want Cloud Vision API to be used, you will no longer be able to fully use QuadHub's services.

You can find more information about data protection at Google at https://www.google.com/policies/privacy/.

M) Verification
If you want, you can have your profile verified. This is a voluntary option and not mandatory. If you decide to do this, you will need to contact our support or be verified by an administrator. Verification confirms the authenticity of a profile. You will then receive the “Blue Tick”.

N) Photos
As a user, you can upload one or more photos if you want to show other users what you look like. This is not mandatory, but completely voluntary. Once you have uploaded the photos, they will be visible to all other users of the service. You can delete these photos from your profile at any time when you log in with your user name and password. Once deleted, the photo will no longer be visible.

The data continues to be stored for security reasons and to ensure the usability of our services.

O) Advertising
In some cases, our advertising partners automatically display selected advertisements on our partners' websites based on your surfing behavior in order to optimize the quality of the advertising for you (so-called "personalized" or "behavioral advertising delivery" or "behavioral targeting"). The goal of these systems is to only show you relevant advertising that matches your interests. Ads that are less relevant or irrelevant to you will not be displayed or suppressed by the activated behavioral targeting system.

In this case, this Section O of the data protection declaration is to be viewed as part of the respective website of our partner or customer, from which reference or link was made directly (e.g. under “Data protection” or “Data protection declaration”). We would like to transparently disclose to you how behavioral targeting works, what data is collected, how it is used for what purposes and how you can object to or prevent the use of the behavioral targeting functions at any time.

1) How does behavioral targeting work in detail?
When you visit a website of our partners or customers, a so-called cookie file is stored on your computer. Cookies are small text files that are placed by your web browser in a designated directory on your computer or mobile device and contain a unique character string as an identifier. (Your IP address is not stored in the cookie.) The same string is stored on servers. The next time you visit a partner website, only the character string is read, making it possible to identify the Internet browser you are using. For example, targeting providers can recognize which page you have accessed from our partner and which advertising has already been shown to you, without being able to trace this back specifically to you. Furthermore, cookies created are provided with an expiry date and expire automatically. Without a valid cookie file, the character string stored on servers can no longer be assigned.

Important: With the help of the cookie, other personal data cannot be collected from you at any time.

Please note that deleting all cookies on your computer will not permanently stop you from seeing personalized advertising. Only permanent deactivation of cookies or the use of an ad blocker can serve to eliminate advertising (www.adblockplus.org). However, before installing such a system in your browser, please consider that for many website operators it is essential to place online advertising in order to finance their offering.

If you have any further questions, we are happy to help you.

Last Updated - 10 April 2024

Your QuadHub team