Privacy policy

Introduction

With the following data protection Declaration we would like to inform you which types of your personal data (hereinafter also abbreviated as "data") we process for which purposes and in which scope. The privacy policy applies to all of us carried out the processing of personal data, both in the framework of the provision of our services as well as, in particular, on our websites, in mobile applications and within external online presences, e.g. our Social Media Profile (hereinafter collectively referred to as "online offer").

The terms used are not gender-specific.

Responsible

Zapdeck GmbH

Revaler Str. 13


10245 Berlin

Overview of processing

The following Overview summarizes the types of data processed and the purposes of its processing and refers to the persons concerned.

Types of data processed

  • Inventory data (e.g. names, addresses).
  • Candidate data (e.g., information about the Person, Postal and contact addresses and the documents for the application belonging and the information contained therein, such as cover Letter, CV, certificates, and more in terms of a specific job or volunteer applicants notified information to the Person or qualification).
  • Content data (e.g. entries in online forms).
  • Contact information (e.g. E-Mail, telephone numbers).
  • Meta/communication data (e.g. device information, IP addresses).
  • Usage data (e.g. websites visited, interest in content, access times).
  • Contract data (e.g. subject matter of the contract, duration, customer category).
  • Payment data (e.g. Bank details, invoices, payment history).

Categories of affected persons

  • Employees (e.g., employees, applicants, former employees).
  • Applicants.
  • Business and contract partners.
  • Interested parties.
  • Communication partner.
  • Customers.
  • Users (e.g. website visitors, users of online services).

Purposes of the processing

  • A/B Testing.
  • Affiliate Tracking.
  • Provision of our online offer and user-friendliness.
  • Conversion measurement (measurement of the effectiveness of marketing measures).
  • Application procedure (statement of reasons and any subsequent implementation as well as possible subsequent to the termination of the employment relationship).
  • Office and organization procedures.
  • Click tracking.
  • Content Delivery Network (CDN).
  • Direct marketing (e.g. by E-Mail or by post).
  • Feedback (e.g., Collect Feedback via the Online form).
  • Heatmaps (mouse movements on the part of the users, which are combined to form an overall picture.).
  • Marketing.
  • Contact requests and communication.
  • Profiles with user-related information (creation of user profiles).
  • Range measurement (e.g. access statistics, recognition of returning visitors).
  • Security measures.
  • Surveys and questionnaires (e.g., surveys, input options, Multiple-Choice questions).
  • Provision of contractual services and customer service.
  • Managing and responding to requests.

Relevant Legal Bases

The following is an Overview of the legal foundations of the DSGVO, which we apply to the processing of personal data. Please note, to fit that in addition to the provisions of the DSGVO, national data protection regulations of your or our residential, or home country to apply. Furthermore, in individual cases, more specific legal basis, should be governed, we will inform you of this in the privacy statement.

  • Consent (Art. 6, Para. 1 S. 1 lit. a. DSGVO) – The Person concerned has given his / her consent to the processing of their personal data for a specific purpose or more specific purposes.
  • Fulfilment of the contract and pre-contractual requests (article 6, Para. 1 S. 1 lit. b. DSGVO) – The processing is necessary for the performance of a contract whose contractual party is the data subject, or for the execution of pre-contractual measures will be required, at the request of the Person concerned.
  • Legal Obligation (Art. 6, Para. 1 S. 1 lit. C. DSGVO) – The processing is necessary for compliance with a legal obligation that is subject to the Responsible party.
  • Legitimate Interests (Art. 6, Para. 1 S. 1 lit. f. DSGVO) – The processing is necessary to safeguard the legitimate interests of the controller or of a third party is required, unless the interests or fundamental rights and freedoms of the data subject which require protection of personal data, prevail.
  • The application procedure as a pre-contractual or contractual relationship (art. 9, Para. 2 lit. b DSGVO) – To the extent that, in the context of the application process special categories of personal data within the meaning of article 9 Para. 1 DSGVO (e.g. health data, such as the severely disabled feature or ethnic origin) in the case of applicants will be requested so that the person in charge or the Person concerned to exercise him or her from the labour law and the law of social security and social protection, rights and obligations under, and its and their respective duties, is carried out the processing according to article 9, Para. 2 lit. b. DSGVO, life in the case of the protection of the vital interests of the applicant or other persons pursuant to art. Art. 9 Abs. 2 lit. C. DSGVO or for the purposes of preventive health care or occupational medicine, for the assessment of the working capacity of the employee, for medical diagnosis, care or treatment in a health or social care or for the management of systems and services in the health or social gem. Art. 9 Abs. 2 lit. h. DSGVO. In the case of a voluntary consent, based notification of special categories of data, will be processed on the basis of article 9, Para. 2 lit. a. DSGVO.

National data protection regulations in GermanyIn addition to the data protection regulations of the General data protection regulation, national data protection regulations in Germany. In particular, the law on protection against misuse of personal data in data processing (Federal data protection act – BDSG) belongs to. The data protection act contains special provisions on the right to information, the right to Erasure, the right to object to the processing of special categories of personal data, processing for other purposes and for Transmission as well as automated decision making in individual cases, including Profiling. Furthermore, it regulates the processing of data for the purposes of the employment relationship (§ 26 BDSG), in particular with regard to the justification, execution or termination of employment, as well as the consent of the employee. Furthermore, the country's data protection laws of the individual States can move to the application.

Security measures

We meet in accordance with the legal requirements, taking into account the State of the art, the costs of implementation and the nature, scope, circumstances and purposes of the processing, as well as the different probability of Occurrence and the extent of the threat to the rights and freedoms of natural persons take appropriate technical and organizational measures to ensure the level of risk appropriate level of protection.

The measures include in particular the securing of confidentiality, integrity and availability of data by controlling physical and electronic access to the data, as well as the access, input, transmission, the securing of availability and its separation. Furthermore, we have established procedures to ensure that users ' rights, the deletion of data and reaction to endangerment of the data. In addition, we take into account the protection of personal data already in the development or Selection of Hardware, Software and procedures, in accordance with the principle of data protection by technology design and by privacy-friendly default settings.

Reduction of the IP address: To the extent that IP addresses from us, or by the performance of the service providers and technologies are being processed, and the processing of a full IP-address is not required, the IP address will be truncated (also known as "IP Masking"). Here, the last two digits, or the last part of the IP address are removed after a point, or a placeholder to be replaced. With the shortening of the IP address is the identification of a Person is to be prevented on the basis of their IP address or significantly more difficult.

SSL encryption (https): Its via to protect our Online quote data provided, we use SSL-encryption. You can recognize such encrypted Connections by the prefix https:// in the address bar of your browser.

Transfer of personal data

In the context of our processing of personal data that the data can be transmitted to other Bodies, enterprises, legally independent organizational units or individuals, or they will be disclosed to. The recipients of this data, for example, with IT tasks commissioned service providers or providers of services and content that are embedded in a website,. In such a case, we observe the legal requirements and include, in particular, appropriate contracts or Agreements, which serve the protection of your data, with the recipients of your data.

Data processing in third countries

If we process data in a third country (i.e. outside the European Union (EU), the European economic area (EEA)) or the processing in the context of the use of third-party services or disclosure or Transmission of data to other persons, Bodies or companies, this will only be done in accordance with the statutory requirements.

Subject to Express consent or contract or by law required Submission of article 44 to 49 DSGVO, information page of the EU Commission, we process or leave the data only in third countries with a recognised level of data protection, contractual obligation through so-called standard protection clauses of the EU Commission, the Existence of certifications or binding internal data protection regulations process (: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_de).

Use of Cookies

Cookies are text files that contain data from visited Websites or Domains and from a Browser on the user's Computer to be stored. A Cookie serves primarily to store the information about a user during or after his visit within an online offer. The stored information includes, for example, the language settings on a website, the login status, a shopping cart, or the point at which a Video has been watched. To include the notion of Cookies, we also use other technologies, which fulfil the same functions as Cookies (e.g., if the information of the user is stored using pseudonymous Online identifiers, also known as "user IDs") are

The following Cookie types and functions can be distinguished:

Temporary Cookies (also known as a Session or "session Cookies"): Temporary Cookies are deleted after a user has left a quote Online, and its Browser is closed.

Permanent Cookies: Permanent Cookies remain after the browser is closed. The Login can, for example, Status or preferred content displayed directly saved when the user visits a Website. Likewise, the interests of users used for range measurement or marketing purposes may be stored in such a Cookie.

First-Party Cookies: First-Party Cookies are set by us.

Third-Party Cookies (including third party Cookies): Third-party Cookies are mainly used by advertisers (so-called third parties) in order to process the user information.

Necessary (also called essential or strictly necessary) Cookies: Cookies can store gifts for the operation of a website is absolutely necessary (e.g. for Logins, or any other user information to or for reasons of safety).

Statistics, Marketing and personalization CookiesIn addition, Cookies may be used in a rule, also in the context of the range of measurement, and then, if the interests of a user or his behavior (e.g., Viewing of certain content, Use of functions, etc.) on each of the web pages in a user profile are saved. Such Profiles are used, the users, i.e., contents that correspond to their potential interests. This procedure is also referred to as "Tracking", i.e., tracking the potential interests of the users. To the extent that we use Cookies or "Tracking"technologies, we inform you separately in our data protection Declaration, or in the context of obtaining consent.

Notes on legal bases:  The legal basis on which we process your personal data with the help of the Cookies depends on whether we ask you for consent. If this is the case, and you consent to the use of Cookies, the legal basis for the processing of your data is the consent. Otherwise, by using Cookies data processed on the basis of our legitimate interests (e.g. to be in a business operation of our online offer and its improvement) processes or, if the use of Cookies is necessary to comply with our contractual obligations.

Storage duration: If we tell you there is no explicit information about the storage duration of permanent Cookies (e.g., in the context of a so-called Cookie Opt-Ins), please assume that the storage period can be up to two years.

General instructions for revocation and objection (Opt-Out):  Depending on whether the processing is carried out on the basis of a consent or legal permission, you have the option at any time, your consent to revoke or to the processing of your data through Cookie technology to contradict (collectively, the "Opt-Out" means). You can restrict explain your right of objection, first, using the settings of your browser, e.g. by deactivating the use of Cookies (wherein this the functionality of our online offer). An objection to the use of Cookies for the purposes of online marketing can be a web page by means of a variety of services, especially in the case of tracking, via the https://optout.aboutads.info and https://www.youronlinechoices.com/ be explained. In addition, you can get more contradiction notes in the context of the information about the service providers and Cookies.

Processing of Cookie data on the basis of a consentWe use a method for Cookie-Consent-Management, in the framework of the consent of the users in the use of the Cookies, or within the framework of the Cookie-Consent-Management-procedure-mentioned processing, and provider obtained, as well as from the users and revoke can be managed. This Declaration of consent will be stored, the query again to have and to be able to consent, according to the legal obligation to prove. The storage can be done on the server side and/or in a Cookie (so-called Opt-In Cookie, and use comparable technologies) to consent to a user, and / or its assign the device to. Subject to individual information to the providers of Cookie Management services, subject to the following: the duration of The storage of the consent can be up to two years. Here is a pseudonymous user is formed identifier with the date of the consent, information on the scope of the consent (e.g., what are the categories of Cookies and/or service provider) as well as the Browser System and the terminal used and stored.

Types Of Data Processed: Usage data (e.g. websites visited, interest in content, access times), Meta/communication data (e.g. device information, IP addresses).

Affected Persons: Users (e.g. website visitors, users of online services).

Legal basis: Consent (Art. 6, Para. 1 S. 1 lit. a. DSGVO), Legitimate interests (art. 6, Para. 1 S. 1 lit. f. DSGVO).

Business Services

We process conditions, the data of our contractual and business partners, such as customers and prospective customers (referred to collectively as "contractual partners") in the context of contractual and other similar rights, as well as associated measures and in the context of the communication with the parties to the contract (or pre-contractually), for example, to answer requests.

These data do we process for the fulfilment of our contractual obligations, to secure our rights and for the purposes of this information is associated administrative tasks, as well as the entrepreneurial organization. The data of the contractual partner, we give in the scope of the applicable Law only to the extent to third parties, as this is for the purposes indicated above or to comply with legal obligations or with the consent of the persons concerned (e.g. to persons involved in the telecommunications, Transport and other ancillary services, as well as subcontractors, banks, tax and legal consultant, payment service provider or tax authorities). Through further Processing, e.g. for the purposes of marketing, you will be informed the parties to the contract in accordance with this privacy statement.

What are the data for the aforementioned purposes, we inform the parties to the contract prior to, or within the framework of the data collection, for example, in online forms, by special marking (e.g., colors) and symbols (e.g., asterisks, etc.), or in person.

We delete the data after expiry of statutory warranty and comparable obligations, i.e., in principle, after the expiry of 4 years, unless the data are stored in a customer account, for example, as long as they need to be retained for legal reasons, in the archive (for example, for tax purposes, usually 10 years). Data put in the context of a contract by the contract partner is open, we will delete according to the specifications of the order, in principle after the end of the contract.

To the extent that we use to provide our services to third-party providers or platforms, apply to the relationship between the users and the providers of the terms and conditions and data protection notices of the respective third-party providers or platforms.

Customer account: The contractual partner can create within our online offer an account (e.g., customer or user account, in short, the "customer account"). If the registration of a customer account is required to be a contract drawn to the partners, as well as on the information required for registration. The customers ' accounts are not public and cannot be indexed by search engines. In the context of the registration, as well as subsequent applications and uses of the customer account, we store the IP to the customer in addition to the access points in time, the registry evidence and any misuse of the client's account to prevent addresses.

If customers have terminated your account will be deleted in the customer account data in question, subject to their retention is for legal reasons. It is the responsibility of the customer to secure their data upon termination of the customer account.

Artistic and literary achievementsWe process the data of our customers, to provide you with the selection, acquisition, or retention of the selected services or works, and other related activities, as well as their payment and delivery, or execution or provision.

The information required is as such under the contract, order or similar contract is identified, and include the delivery and billing information, and contact information, to any consultations.

Publication activityWe process the data of our contact partners, the interview partners, as well as other people, the subject of our publicist, editorial and journalistic, as well as related activities. In this context, we refer to the applicability of the protection provisions of the freedom of expression and freedom of the press gem. Article 85 of the DSGVO in conjunction with the respective national laws. The processing serves the fulfilment of our contract, activities, and takes place in the Other, in particular on the basis of the interest of the General public in information and Media.

Range of Software and platform servicesWe process the data of our users, logged on, and any test user (hereinafter referred to as the "user"), and to provide you with our contractual services, as well as to be able, on the basis of legitimate interests, the safety of our offer, ensure and develop it further. The information required is as such under the contract, order, or comparable contract is identified, and include for the provision of services and billing information, and contact information, to any consultations.

Types Of Data Processed: Inventory data (e.g. names, addresses), payment data (e.g. Bank details, invoices, payment history), contact data (e.g. E-Mail, telephone numbers), contract data (e.g. subject matter of the contract, duration, customer category), usage data (e.g. websites visited, interest in content, access times), Meta/communication data (e.g. device information, IP addresses).

Affected Persons: Interested parties, business and contract partners, customers.

Purposes of the processing: Provision of contractual services and customer service, contact requests and communication, office and organization, procedure, management, and responding to requests, security measures.

Legal basis: Fulfilment of the contract and pre-contractual requests (article 6, Para. 1 S. 1 lit. b. DSGVO), Legal obligation (art. 6, Para. 1 S. 1 lit. C. DSGVO), Legitimate interests (art. 6, Para. 1 S. 1 lit. f. DSGVO).

Create professional presentations with artificial intelligence
© Zapdeck. All rights reserved 2026
Resources
WorkshopsBlogVideosPodcast
Legal
Privacy PolicyImprint
Connect
Contact us
© Zapdeck. All rights reserved 2026